See below:
On 5/13/2022 8:41 PM, Arne Jensen wrote:
Den 13-05-2022 kl. 23:42 skrev Jeff Koch:
We're getting numerous false positives on 'RCVD_IN_DNSWL_HI RBL'.
When I check these IP's (193.106.175.39, for example) at
https://www.dnswl.org they are NOT listed.
Hi:
We're getting numerous false positives on 'RCVD_IN_DNSWL_HI RBL'. When I
check these IP's (193.106.175.39, for example) at https://www.dnswl.org
they are NOT listed.
* -5.0 RCVD_IN_DNSWL_HI RBL: Sender listed at
https://www.dnswl.org/, high
* trust
y
domain
name it wants. Hosts can do this at a variety of levels: in
particular, the session, the envelope, and the mail headers.
Although this feature is desirable in some circumstances, it is a
major obstacle to reducing Unsolicited Bulk E-Mail (UBE, aka
spam)."
I think this argument is
How silly. That's like saying an iPhone is not a gaming device even though
plenty of people use it to play game apps. Perhaps you should re-read the
SPF FAQ's.
At 04:31 PM 2/25/2010, you wrote:
Jeff Koch wrote on Thu, 25 Feb 2010 15:08:46 -0500:
> I disagree.
I don'
I disagree. SPF is just one of the tools - among other tools (e.g. DKIM,
domain keys, not accepting email from servers with no RDNS, etc) -
developed to help reduce spam.
--
Get your web at Conactive Internet Services: http://www.conactive.com
Best Regards,
Jeff Koch, Intersessions
ation program which we neither have the time
or money to do. Since we like our customers and they pay the bills it is
now a dead issue.
Any other experiences? I love to hear.
Best Regards,
Jeff Koch, Intersessions
, score=1.8 required=5.0 tests=RDNS_NONE,URI_HEX autolearn=no
version=3.2.4
X-Spam-Report:
* 1.3 URI_HEX URI: URI hostname has long hexadecimal sequence
* 0.5 RDNS_NONE Delivered to trusted network by a host with no rDNS
Date: Sun, 14 Feb 2010 08:54:46 -0800
To: Jeff Koch
rn=no
version=3.2.4
X-Spam-Report:
* 1.3 URI_HEX URI: URI hostname has long hexadecimal sequence
* 0.5 RDNS_NONE Delivered to trusted network by a host with no rDNS
Date: Sat, 13 Feb 2010 09:11:56 -0800
To: Jeff Koch
Subject: Re: CFL Application (KMM104380179V81098L0KM)
From:
et signed ( for eg using a direct
relay with a compromised account ) you may be relaying the spams
inadvertently on the outbound , but never get FBL's until all the world
blacklists you
--
J.D. Falk
<jdf...@returnpath.net>
Return Path Inc
Best Regards,
Jeff Koch, Intersessions
hand, they send out emails from
their abuse-admin saying that they have no such program.
Yahoo is making me crazy.
If anyone has the email address of someone their that can actually get an
ISP signed up for the program I would appreciate it.
Best Regards,
Jeff Koch, Intersessions
n corrected yet?
Best Regards,
Jeff Koch, Intersessions
I give up!
Best Regards,
Jeff Koch, Intersessions
Instead of trying to make points why not read the whole thread? As I said
in a prior response - not everyone has management control over the
mailserver they use to get SA list mail.
At 01:01 PM 12/15/2009, Toni Mueller wrote:
On Tue, 15.12.2009 at 12:52:44 -0500, Jeff Koch
wrote:
>
As I said not everyone controls the mailserver they get their list mail from.
At 12:55 PM 12/15/2009, LuKreme wrote:
On 15-Dec-2009, at 10:52, Jeff Koch wrote:
> At 12:41 PM 12/15/2009, Benny Pedersen wrote:
>> open your eyes and see more, both the above smartphones above can
>&
Of course an iPhone can see IMAP folders. But what's going to sort mail
into folders when I'm traveling for a week and the office PC is turned off?
At 12:41 PM 12/15/2009, Benny Pedersen wrote:
On tir 15 dec 2009 18:22:00 CET, Jeff Koch wrote
How could a two character tag
- but why not
also make it easy to follow discussions on other devices?
At 12:00 PM 12/15/2009, Toni Mueller wrote:
Hi,
On Tue, 15.12.2009 at 11:44:49 -0500, Charles Gregory
wrote:
> On Tue, 15 Dec 2009, Jeff Koch wrote:
>> I have to say that it is extremely annoying that thi
How could a two character tag like SA be annoying? You must never use a
blackberry or iPhone to check your email either.
At 11:12 AM 12/15/2009, RW wrote:
On Tue, 15 Dec 2009 09:44:50 -0500
Jeff Koch wrote:
>
> I have to say that it is extremely annoying that this mailing list
>
trying to get more users sending
there login and passwords then what ever it really is ?
--
xpoint http://www.unicom.com/pw/reply-to-harmful.html
Best Regards,
Jeff Koch, Intersessions
TIA
Best Regards,
Jeff Koch
appreciate it.
Jeff
At 07:53 PM 11/21/2008, you wrote:
On Sat, November 22, 2008 01:41, Jeff Koch wrote:
> How do I correct this problem? When I run 'nslookup 74.220.16.65' from
> various machines it shows the correct answer.
your computer, your problem :)
i showed 2 links, sh
Hi Benny:
How do I correct this problem? When I run 'nslookup 74.220.16.65' from
various machines it shows the correct answer.
At 07:02 PM 11/21/2008, you wrote:
On Sat, November 22, 2008 00:22, Jeff Koch wrote:
> As far as I can tell 'cronus.intersessions.com' h
tell 'cronus.intersessions.com' has reverse setup and it
matches 74.220.16.65.
What am I missing?
Best Regards,
Jeff Koch, Intersessions
ws XP SP3 with default Outlook
Express. !!! Oh my. Whatta heck! Oh my.
Can we get rid of this Outlook problem, so many ppl have reported
problems already? Or is it fixed? Good. Thanks.
Please show full headers of the message.
Best Regards,
Jeff Koch, Intersessions
XP SP3 with default Outlook
Express. !!! Oh my. Whatta heck! Oh my.
Can we get rid of this Outlook problem, so many ppl have reported problems
already? Or is it fixed? Good. Thanks.
Best Regards,
Jeff Koch, Intersessions
message ID after the '@'. I don't have
access to Outlook for testing.
On a side note, Outlook and Outlook Express also HELO with the computer's
name when sending a message through an email server.
Best Regards,
Jeff Koch, Intersessions
sdell wrote:
[snip]
Scratch that and reverse it. If it does match, then it will score the
message header as fake. oops :) sorry. Let me check some more things.
Did outlook really generate this message-id:
Message-ID: <[EMAIL PROTECTED]>
?
Best Regards,
Jeff Koch, Intersessions
pe: text/plain;
format=flowed;
charset="iso-8859-1";
reply-type=original
Content-Transfer-Encoding: 7bit
--=_NextPart_000_0039_01C8AF72.8920CD60
At 04:29 PM 5/9/2008, Randy Ramsdell wrote:
Jeff Koch wrote:
Hi Matus:
Here's the header. We're seein
.3790.4133
This is a multi-part message in MIME format.
At 01:05 PM 5/9/2008, Matus UHLAR - fantomas wrote:
On 09.05.08 12:08, Jeff Koch wrote:
> Our users are getting false positives with hits on
>
> 4.2 FORGED_MUA_OUTLOOK
>
> and are saying they are 100% certain that the
Hi:
Our users are getting false positives with hits on
4.2 FORGED_MUA_OUTLOOK
and are saying they are 100% certain that the email was sent from MS
Outlook Express. Is this a known problem or are these users doing something
wrong?
Best Regards,
Jeff Koch
is expressly designed to catch backscatter -- and does a good job at it.
If you have a backscatter problem, you need to start using that ruleset.
--j.
Best Regards,
Jeff Koch, Intersessions
2B9F 8422 C063 5EBB FE1D 66D1
Best Regards,
Jeff Koch, Intersessions
t 02:04 PM 4/6/2008, Karsten Bräckelmann wrote:
On Sun, 2008-04-06 at 13:19 -0400, Jeff Koch wrote:
> Maybe I'm doing something wrong but the bounces we receive are getting
> extremely low scores. My understanding was that by enabling VBounce in the
> V3.2.4 config's and by adding
[ID=2 4B300C2D2BC44937ABDB0C10BEF68235]
X-IMAIL-SPAM-PREMIUM: (233101d0db85)
This is a multi-part message in MIME format.
Best Regards,
Jeff Koch, Intersessions
I can do to mitigate this?
>
> Thanks.
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
>
Best Regards,
Jeff Koch, Intersessions
Thanks - that worked!!
At 07:08 PM 3/30/2008, Matt Kettler wrote:
Jeff Koch wrote:
Hi Matt:
Thanks for answering. However neither 'add_header all Report_REPORT_' or
'add_header all' seem to be valid SA commands per 'lint'
You're missing a space bet
e a report with detailed scoring but doesn't.
Any idea how we can troubleshoot this? We are trying to get a report with
detailed scoring.
At 08:27 AM 3/28/2008, Matt Kettler wrote:
Jeff Koch wrote:
We used to get detailed spam scoring in the email headers but it seems to
have disappear
Hi Matus:
Thanks but I don't even see these rules getting triggered. We have the
plugin enabled and the 'whitelist_bounce_relays mailserver_name' line in
local.cf
At 12:09 PM 3/25/2008, you wrote:
>On 25.03.08 12:00, Jeff Koch wrote:
> > Our users are getting tons
x27;ve given up. Sorry it didn't work out.
Best Regards,
Jeff Koch, Intersessions
We used to get detailed spam scoring in the email headers but it seems to
have disappeared after installing 3.2.4. Is there some command for turning
the detailed scoring back on. Can someone please tell me what it is?
Thanks
Best Regards,
Jeff Koch, Intersessions
Hi:
Our users are getting tons of bounce-back (joe job) spam starting Monday.
The bounces-backs are getting very low scores. Is there anything we can
do/change/adjust in SA to block these?
Best Regards,
Jeff Koch, Intersessions
/perl5/site_perl/5.8.0/Mail/SpamAssassin/Plugin/AWL.pm line 397,
line 689.
This whole setup is working properly on two other mailservers and we can't
see what's different about the one. Any suggestions would be welcome.
TIA
Best Regards,
Jeff Koch
d local.cf with 'use_auto_whitelist 0' and without.
Has anyone else seen this error? Any solutions? TIA
Starting spamd: The -a option has been removed. Please look at the
use_auto_whitelist config option instead.
[FAILED]
----
Best Regards,
Jeff Koch
Regards,
Jeff Koch
to strip off the forwarding enclosure.
Thanks in advance.
Jeff Koch
are the opinions of those running heavily used mailservers? Any
suggestions or words of wisdom on the proper settings to keep things under
control.
Best Regards,
Jeff Koch
Hi:
We're getting hit with a lot of emails with blank subject lines and blank
contents. Could be some kind of address verification robot. Is SA supposed
to filter these? If not, does anyone have some custom rules that would do it?
Best Regards,
Jeff Koch
really figure it out. Surely there are some other ISP's on these
lists who might be willing to tell me how they use it.
Thanks,
Lisa Casey
Best Regards,
Jeff Koch, Intersessions
r even that the
two servers were serving the same domains.
I just took it at face value that with 3.0.1 they couldn't keep up, but
falling back to 2.64 he could carry the load.
--
_____
John Andersen
Best Regards,
Jeff Koch, Intersessions
>people's opinions and experience setting up separate/multiple SA servers?
> >Are there any good links for reading about such setups on the wiki or
> >anywhere else?
> >
> > > SA is that CPU intensive, it really is. Maybe try adding RBL's in
> front
> > > of the MTA to reduce the number of messages you have to scan, that's
> > > what we do.
> >
> >Ha! Yeah, this message rate is *WITH* something like 10 RBL's in Postfix
> up
> >front. W/out that, we'd *really* be drowning. :)
> >
> >Many thanks!
__
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
Best Regards,
Jeff Koch, Intersessions
at 01:09:57AM -0400, Jeff Koch wrote:
>
> We figure that we'd have to reduce the email load on each server by 50% in
> order to use SA 3.0 and thereby need twice as many servers. However, we're
> going to wait until the SA developers take the memory and load issues
> seri
front
> of the MTA to reduce the number of messages you have to scan, that's
> what we do.
Ha! Yeah, this message rate is *WITH* something like 10 RBL's in Postfix up
front. W/out that, we'd *really* be drowning. :)
Many thanks!
__
Do you Yahoo!?
Yahoo! Mail Address AutoComplete - You start. We finish.
http://promotions.yahoo.com/new_mail
Best Regards,
Jeff Koch
Our auto-whitelist file on our server has grown to 700MB. Is there a
procedure for pruning it? It seems to be growing indefinitely.
Best Regards,
Jeff Koch
re" in the subject line for easier sorting of the
emails in folders? This is actually the first list am using that doesn't
have anything unique in the subject.
Thanks,
Predrag
Best Regards,
Jeff Koch, Intersessions
53 matches
Mail list logo