40 comcast. net detected as URI

2007-10-17 Thread Jim Hermann - UUN Hostmaster
> Why is my Spamassassin is reporting as > URI 40 comcast. com? (without the spaces) > > Thanks. > > Jim > - > Jim Hermann <[EMAIL PROTECTED]> > UUism Networks > Ministering to the Needs of Online UUs > Web Hosting, Email Services, Mailing Lists > - >

40comcast.net detected as URI

2007-10-16 Thread Jim Hermann - UUN Hostmaster
The UUism Networks MailScanner believes that the attachment to this message sent to you From: [EMAIL PROTECTED] Subject: 40comcast.net detected as URI may be Unsolicited Commercial Email (spam). Unless you are sure that this message is incorrectly thought to be spam, please delete this

Why do Spambot HELO Signatures appear to be random characters?

2006-06-26 Thread Jim Hermann - UUN Hostmaster
In some other work that I was doing, I ran across this information: BTW, Notice that the HELO signatures have an identifying characteristic: randomness Could we use the HELO randomness to identify the source as a Spambot? Here are the kind of HELO Signatures my favorite Spambot produces: (always

RE: [SPAM] Examples of Received Headers

2006-06-25 Thread Jim Hermann - UUN Hostmaster
> On Sun, 25 Jun 2006, Jim Hermann - UUN Hostmaster wrote: > > > Here are examples of the Received Headers for the type of spam > > that are being sent with forged email addresses for a domain that > > I host. > > The Received headers in spams cannot be trusted, exc

Examples of Received Headers

2006-06-25 Thread Jim Hermann - UUN Hostmaster
Here are examples of the Received Headers for the type of spam that are being sent with forged email addresses for a domain that I host. These at the last 10 bounced messages that I received, so it is fairly representative. Granted, 3 out of 10 messages originated in Romania. However, 3 out of 1

RE: Bounced messages for email from forged email addresses for a hosted domain - need opinions

2006-06-25 Thread Jim Hermann - UUN Hostmaster
> >> Personally, nowadays I believe bouncing messages back to > the alleged > >> sender > > > > That's not what he's asking. He wants to know whether asking ISPs to > > implement SPF checks (where they don't yet check SPF) will work. > > I'm not convinced that is what he meant but he wasn't clear

RE: SPF_SOFTFAIL not working properly

2006-06-25 Thread Jim Hermann - UUN Hostmaster
> > On 6/24/2006 11:14 AM, Jim Hermann - UUN Hostmaster wrote: > > > How do I debug the SPF Module during SA Operations? > > > > > > I have had another email marked as SPF_SOFTFAIL during the > > first receipt and > > > the From domain does not

Bounced messages for email from forged email addresses for a hosted domain - need opinions

2006-06-25 Thread Jim Hermann - UUN Hostmaster
Does it do any good to complain to the ISP that accepted the original email with a forged email address that uses a domain name that I administer? I administer a number of domain names that are being used in the forged email addresses for spam that is sent to recipients on other servers. Some peo

RE: SPF_SOFTFAIL not working properly

2006-06-24 Thread Jim Hermann - UUN Hostmaster
> On 6/24/2006 11:14 AM, Jim Hermann - UUN Hostmaster wrote: > > How do I debug the SPF Module during SA Operations? > > > > I have had another email marked as SPF_SOFTFAIL during the > first receipt and > > the From domain does not have a TXT SPF record. When I

SPF_SOFTFAIL not working properly

2006-06-24 Thread Jim Hermann - UUN Hostmaster
How do I debug the SPF Module during SA Operations? I have had another email marked as SPF_SOFTFAIL during the first receipt and the From domain does not have a TXT SPF record. When I isolated the message and ran it again, it was processed without any errors. I suspect that there is a problem wi

RE: SPF SOFTFAIL not working properly

2006-06-21 Thread Jim Hermann - UUN Hostmaster
ittle ironic, that the hostmaster of the once notorious UUnet network, spammers safe haven in the early days, is on the spamassassing mailing list. ;-) -Sietse From: Jim Hermann - UUN Hostmaster [mailto:[EMAIL PROTECTED] Sent: Wed 21-Jun-06 14:31 To:

RE: SPF SOFTFAIL not working properly

2006-06-21 Thread Jim Hermann - UUN Hostmaster
I talked to the programmers for Mail::SPF:Query and they say this must be a problem with Spamassassin. Is anyone else seeing incorrect SPF_SOFTMAIL false positives? Jim -Original Message- From: Jim Hermann - UUN Hostmaster [mailto:[EMAIL PROTECTED] Sent: Monday, June 19, 2006 12:55 AM

RE: SPF SOFTFAIL definition

2006-06-18 Thread Jim Hermann - UUN Hostmaster
Here is another example that I was able to isolate to a test file. The debug looks like this: [28763] dbg: plugin: registering glue method for check_hashcash_double_spend (Mail::SpamAssassin::Plugin::Hashcash=HASH(0x98a6e80)) [28763] dbg: plugin: registering glue method for check_for_spf_helo_pas

RE: SPF SOFTFAIL definition

2006-06-18 Thread Jim Hermann - UUN Hostmaster
Does it mean anything with there is no test after the SPF failed: part of the report? I checked the from domain and it did not have a TXT or SPF record. It is possible that it refused my DNS connection. I don't recall. I saved the message to a file and ran spamassassin on it and it passes now.

Trancated longreport

2006-06-18 Thread Jim Hermann - UUN Hostmaster
Why does the longreport get truncated sometimes? It appears to have something to do with the percent sign in the rule description. In the example below, the percent sign at the end of the BAYES_50 description has been replaced with the word uppercase, which is the last part AFTER the percent si

RE: SPF SOFTFAIL definition

2006-06-18 Thread Jim Hermann - UUN Hostmaster
Is Mail::SpamAssassin::Plugin::SPF adding the Received-SPF: Header? I don't see it in email that received by my server, except for email from [EMAIL PROTECTED] Jim -Original Message- From: Benny Pedersen [mailto:[EMAIL PROTECTED] Sent: Sunday, June 18, 2006 10:56 AM To: users@spamassass

RE: SPF SOFTFAIL definition

2006-06-18 Thread Jim Hermann - UUN Hostmaster
What happens if the DNS records are not available? We don't know if there is a TXT record or not. Jim -Original Message- From: JamesDR [mailto:[EMAIL PROTECTED] Sent: Sunday, June 18, 2006 11:03 AM To: users@spamassassin.apache.org Subject: Re: SPF SOFTFAIL definition Benny Pedersen wr

SPF SOFTFAIL definition

2006-06-18 Thread Jim Hermann - UUN Hostmaster
If the SPF module can't obtain the DNS TXT record due to timeouts, does this get reported as a SOFTFAIL? Jim

RE: Razor2 Error

2006-05-30 Thread Jim Hermann - UUN Hostmaster
90% fullRAZOR2_CF_RANGE_91_100 eval:check_razor2_range('','91','100') tflags RAZOR2_CF_RANGE_91_100 net describe RAZOR2_CF_RANGE_91_100 Razor2 gives confidence level above 90% Jim -Original Message- From: Daryl C. W. O'Shea [mailto:[EMAIL PROTECTED] Sent: Tu

RE: Razor2 Error

2006-05-29 Thread Jim Hermann - UUN Hostmaster
_RANGE_00_01 0.01 score RAZOR2_CF_RANGE_02_10 0.10 score RAZOR2_CF_RANGE_11_50 0.50 score RAZOR2_CF_RANGE_51_100 0.00 score RAZOR2_CF_RANGE_51_90 3.70 score RAZOR2_CF_RANGE_91_100 7.50 -Original Message- From: Daryl C. W. O'Shea [mailto:[EMAIL PROTECTED] Sent: Monday, May 29, 2

RE: Razor2 Error

2006-05-28 Thread Jim Hermann - UUN Hostmaster
I found my problem. I had some custom definitions that used eval:check_razor2_range. I deleted the custom definitions and the error went away. Jim -Original Message- From: news [mailto:[EMAIL PROTECTED] On Behalf Of Jim Hermann Sent: Sunday, May 28, 2006 02:17 PM To: users@spamassassin