Looking for Qmail Experts to help build an independent release of qmail [ot]

he RFC compliant community. So - who want's in? And - if any of you are friends with DJB, feel free to let him know what I'm going to do. Marc Perkel (Thanks in advance for not replying on list)

Re: Any anti-spam solution against outgoing mail?

I would think that rate limiting per sender of say 2 messages a minute might discourage spammers from using your system for outgoing email. Just a thought.

Re: mcafee sees drop in spam?

Maybe it's an old story. I saw a drop last fall but it's come back since then. Jason Staudenmayer wrote: -Original Message- From: Michael Scheidell [mailto:scheid...@secnap.net] Sent: Friday, May 08, 2009 10:57 AM To: SpamAssassin Users List Subject: mcafee sees drop in spam? loo

Re: FreeMail plugin updated - banks

Benny Pedersen wrote: On Sun, May 10, 2009 13:15, Ned Slider wrote: Or maybe I'm trying to reinvent a wheel someone already has up and running :-) a bank without SPF or DKIM signing is NOT worth using Yes - but I think what he's saying is that you have to start with a list of

Re: FreeMail plugin updated

Just curious - how did you build that list? Henrik K wrote: Hello, I've revamped fully the old code. Works still the same, but has some new functions. It's also a bit more careful when parsing body (new parser, emails inside <> are ignored, as well ones inside urls etc), so it might even reduce

Re: FreeMail plugin updated - banks

mouss wrote: Is phishing really a problem for banks? I don't think so. You're kidding right?

Re: EmailBL plugin released - I like it!

Yet Another Ninja wrote: On 5/12/2009 4:32 PM, Marc Perkel wrote: I'm not using your plugin yet but using it from Exim instead and it's working well. Lots of hist. I suppose we'll find out if there's any false positives. Here's how you do it in Exim set acl_c_from

Re: EmailBL plugin released - I like it!

I'm not using your plugin yet but using it from Exim instead and it's working well. Lots of hist. I suppose we'll find out if there's any false positives. Here's how you do it in Exim set acl_c_from_address = ${lc:${address:$h_From:}} set acl_c_from_address_hash = ${md5:$acl_c_from_address} dn

Re: EmailBL plugin released

Do you need more mirrors? I can offer you 4 additional servers. Henrik K wrote: Hi, EmailBL plugin is now available for testing. Small test zone has been running for a while, it contains trapped addresses from some of the most popular freemail domains. http://sa.hege.li/EmailBL.pm (see inside

Re: EmailBL plugin released

I would like to offer my help for your project. So far it's working well. I can offer you any of the following: Data - I have tons of spam if you need to harvest data. Computers - I have a lot of processing power if you need a VPS. Bandwidth - I have some bandwidth to spare rbldnsd servers - I c

Re: An SMTP transaction, SpamAssassin interface

Mike Cardwell wrote: Mike Cardwell wrote: Justin Mason wrote: hi -- this stuff is generally recorded in the Received header, and SA will act on it if it's there. that's the place to do it... The "STARTTLS" example is recorded in the received headers, yes. None of the other 3 examples ar

I want MORE SPAM - MORE SPAM

Hi Everyone, My blacklist hostkarma.junkemailfilter.com is rising in the charts. Here's a blacklist comparison chart. http://www.sdsc.edu/~jeff/spam/cbc.html So - I want to be #1. I want more spam. And you can lost some of your spam at the same time. All you have to do to help out is add a n

Re: I want MORE SPAM - MORE SPAM

Chris Owen wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On May 18, 2009, at 10:36 AM, DAve wrote: Those results differ wildly with my stats over the past year. Barracuda throws far too many FP for me to use on the MTA, I have to use it in SA and let the better tests pull the score u

Re: I want MORE SPAM - MORE SPAM

Aaron Wolfe wrote: +1 for the invaluement lists. they are excellent, sad that they aren't listed in that comparison. we seem to get better results with barracuda than you've seen, many of our clients choose to use the barracuda list to block. we offer the hostkarma lists as well but probab

Got dead domains that get a lot of spam?

Looking for people with dead domains that still get a lot of spam, especially spambot spam. I'm trying to get more spambot data for our hostkarma spam list. If you have such a domain that you aren't using can you set the MX to tarbaby.junkemailfilter.com. It will help stop spammers at the sourc

Re: Got dead domains that get a lot of spam?

ore setting or accepting such a domain. I hope dead = 'has bounced 550 5.1.1 for at least a year to all attempts to previously valid addresses', otherwise, for all intents and purposes, especially this one, "I'm not dead yet". On 19/05/09 8:59 AM, "Marc Perk

Re: Got dead domains that get a lot of spam?

Neil Schwartzman wrote: On 19/05/09 10:55 AM, "Marc Perkel" wrote: That's not how I would define dead. Our system can tell the difference between a good email sent to a dead domain and a spambot. Our definition is any domain that has not current legitimate email. Go

Re: Got dead domains that get a lot of spam?

Ned Slider wrote: John Hardin wrote: On Tue, 19 May 2009, Neil Schwartzman wrote: On 19/05/09 10:55 AM, "Marc Perkel" wrote: That's not how I would define dead. Our system can tell the difference between a good email sent to a dead domain and a spambot. Our definition is

Re: Got dead domains that get a lot of spam?

Karsten Bräckelmann wrote: And I do have a goal of !00% accuracy although that is difficult to attain. While I guess most blacklist operators do aim at a perfect blacklist, regardless of specific definitions and whether others agree or not... That's probably one of the worst shift typos

Re: one domain gets 99% of spam

option8 wrote: on my small server setup, i host around 30 domains. between SA and a fairly aggressive exim setup, very little spam gets through to the end users. most of it doesn't even get far enough to hit my logs. however, one domain that i host gets constantly bombarded, and has since i to

Re: one domain gets 99% of spam

Aaron Wolfe wrote: On Wed, May 20, 2009 at 1:09 AM, Marc Perkel wrote: option8 wrote: on my small server setup, i host around 30 domains. between SA and a fairly aggressive exim setup, very little spam gets through to the end users. most of it doesn't even get far enough to h

Re: Got dead domains that get a lot of spam?

LuKreme wrote: On 19-May-2009, at 20:34, Karsten Bräckelmann wrote: Other than that, I recently enabled Hostkarma blacklists here, just to check. FWIW, it's scoring *really* good for me. So good, I seriously toned it down. I want to evaluate it first. For that, I need something even close to a

Re: Got dead domains that get a lot of spam?

Mike Cardwell wrote: Marc Perkel wrote: BTW - for those who are curious, the lists are generated mostly from Exim rules. Exim has a feature that allows me to track hosts that don't use QUIT to close a connection. Thus the combination of fake mx, no quit, No or bad RDNS or dynamic IP

Re: Got dead domains that get a lot of spam?

Ned Slider wrote: Karsten Bräckelmann wrote: And I do have a goal of !00% accuracy although that is difficult to attain. While I guess most blacklist operators do aim at a perfect blacklist, regardless of specific definitions and whether others agree or not... That's probably one of the wor

Re: Got dead domains that get a lot of spam?

Henrik K wrote: On Wed, May 20, 2009 at 01:41:12PM +0100, Mike Cardwell wrote: Ned Slider wrote: I've also just recently enabled these lists in SA so am still in the very early stages of testing. I initially did get one FP hit against the whitelist (spam message sent through an ISP

Using p0f to detect spam bots

Benny Pedersen wrote: On Wed, May 20, 2009 11:25, Mike Cardwell wrote: A cool idea would be an application in a similar vain to p0f, but which passively detected the SMTP client software, rather than operating system. It might then be possible to distribute signatures that identified speci

Re: one domain gets 99% of spam

option8 wrote: it is common for one domains to get an order of magnitude more spam than another that seems just like it. like mark said, it probably won't stop. low overhead techniques like greylisting or no listing can reduce the stress on your server quite a bit. configuring your mta

Re: Got dead domains that get a lot of spam?

Mike Cardwell wrote: Matus UHLAR - fantomas wrote: I've also just recently enabled these lists in SA so am still in the very early stages of testing. I initially did get one FP hit against the whitelist (spam message sent through an ISP smtp server in the whitelist) On 20.05.09 13:41, M

Re: Got dead domains that get a lot of spam?

Mike Cardwell wrote: Matus UHLAR - fantomas wrote: I just think that a whitelist entry should be an absolute "no spam comes from here unless something goes tits up" type entry, and all hosts on it should be manually checked... IIUC this is whitelist of type "don't blacklist these hosts"...

Re: I want MORE SPAM - MORE SPAM

Thanks for your support everyone. In the last month my blacklist has doubled in size and trapping a lot more spam bots. But still looking for more spam so if any of you want to get a little less spam and help me build my spam bot list then here's the instructions: http://wiki.junkemailfilter.c

Re: EmailBL future

What do you need to make it survive? It works great for me. Yet Another Ninja wrote: As you all know, on July 1st the emailbl.me test zone will go dark. I helped Henrik test the plugin and find mirrors for the data which was being fed by feeds dedicated to this test only. Would be nice to se

Re: EmailBL future

Yet Another Ninja wrote: On 5/28/2009 6:27 PM, Marc Perkel wrote: What do you need to make it survive? It works great for me. I won't be involved at all. It needs data, mirrors, zone, all what a RBL needs. I'll do the mirrors - provide server - I have data - I don't hav

Looking for whitelist domain data

I'm looking for domains to whitelist that meet this criteria: All email from the domain is 100% good The FcRDNS matches the domain name Example: *.wellsfargo.com Silimarly I'd like domains for my yellow list. Yellow is mixed spam/hame sources like yahoo, gmail, hotmail, etc. Example: *.yahoo

Re: Hostkarma whitelist problem

No list is perfect. Thanks for reporting it. Although I try to get everything right there will always be mistakes. Sometimes I do get to leaning white because false positives are 100 times worse than a few spams getting through. Probably what happened with that is that the sender does a pretty

Re: Hostkarma whitelist problem

bsite so we don't have to send these to the list. Bowie Marc Perkel wrote: No list is perfect. Thanks for reporting it. Although I try to get everything right there will always be mistakes. Sometimes I do get to leaning white because false positives are 100 times worse than a few spa

Re: Hostkarma whitelist problem

mouss wrote: Bowie Bailey a écrit : I couldn't find any place on junkmailfilter website to report this, so I'll put it here. I received a 419 scam email with this whitelist hit: so what? I keep getting 419 from google, yahoo, ... but they are still whitelisted. Actually yahoo

Re: Hostkarma whitelist problem

Mike Cardwell wrote: Bowie Bailey wrote: I couldn't find any place on junkmailfilter website to report this, so I'll put it here. I received a 419 scam email with this whitelist hit: * -3.0 RCVD_IN_JMF_W RBL: Sender listed in JMF-WHITE * [213.4.129.18 listed in hostkarma.junkemailfilt

Short URL provider list?

Does anyone have a list of all domains that provide short url redirection?

Hostkarma Blacklist Climbing the Charts

For what it's worth I'm now ahead of Barracuda on Jeff Makey's blacklist comparison chart. Not a scientific comparison but it's about all there is to compare blacklists. Now only abuseat.org and spamhaus have me beat. (apews doesn't count because they blacklist everything) http://www.sdsc.edu/

Re: Short URL provider list?

Thanks for the lists. I'm not sure what I'm going to do with it but I'm going to see if I can find a way to use it.

Re: Backscatter.org used as RBL??

d.h...@yournetplus.com wrote: Quoting LuKreme : On Aug 4, 2009, at 6:35, d.h...@yournetplus.com wrote: Quoting LuKreme : On 3-Aug-2009, at 18:36, Dennis G German wrote: Is Backscatter.org used by any rules? Pretty sure not. The way to use that

Re: Backscatter.org used as RBL??

Mike Cardwell wrote: Marc Perkel wrote: Backscatter.org is the worst RBL on the planet. If you use it you will get a lot of false positives. Lets compare backscatterer's recommended usage of their list in your favourite MTA against your own recommendation for usage of your hostkarm

Re: Backscatter.org used as RBL??

Mike Cardwell wrote: Marc Perkel wrote: Backscatter.org is the worst RBL on the planet. If you use it you will get a lot of false positives. Lets compare backscatterer's recommended usage of their list in your favourite MTA against your own recommendation for usage of your hostkarm

Re: Backscatter.org used as RBL??

Matus UHLAR - fantomas wrote: On 06.08.09 15:37, Marc Perkel wrote: This might be an advanced concept for you but what I meant was - deliberately send spam. Everyone doing sender verification is someone who is trying to BLOCK spam, and therefore are the good guys. I also

Barracuda RBL in first place

http://www.sdsc.edu/~jeff/spam/cbc.html It appears from Jeff's Blacklists Compared list the Barracuda has overtaken spamhaus for the #1 position. Not sure about the accuracy of the list as compared to spamhaus but seams reasonably good to me. I don't really count apews myself since they are ex

Re: Barracuda RBL in first place

Mike Cardwell wrote: Marc Perkel wrote: http://www.sdsc.edu/~jeff/spam/cbc.html It appears from Jeff's Blacklists Compared list the Barracuda has overtaken spamhaus for the #1 position. Not sure about the accuracy of the list as compared to spamhaus but seams reasonably good to m

Re: Barracuda RBL in first place

rich...@buzzhost.co.uk wrote: On Fri, 2009-08-14 at 06:30 -0700, Marc Perkel wrote: http://www.sdsc.edu/~jeff/spam/cbc.html It appears from Jeff's Blacklists Compared list the Barracuda has overtaken spamhaus for the #1 position. Not sure about the accuracy of the li

Re: Barracuda RBL in first place

Aaron Wolfe wrote: On Fri, Aug 14, 2009 at 11:24 AM, Chris Owen wrote: On Aug 14, 2009, at 10:13 AM, Mike Cardwell wrote: The comparisons on that page are useless. What matters is list policy, reliability and reputation. SpamHaus is hands down the best dnsbl.

Re: Barracuda RBL in first place

rich...@buzzhost.co.uk wrote: I have to agree with LuKreme, my overnight had 446 blocked prior to RBL, and only 387 by RBL. Again, noted that 'Barracuda' missed 43, 35 of these Spamhaus caught - so for me Spamhaus is still better than Barracuda. Also, I was sat in on a phone conference at

Re: SA and mail from backup mx?

One of the tricks spammers do is send to the backup servers first because they often have less filtering. If you want I have a free MX backup service that helps me harvest those bots. Here's a couple of solutions: http://wiki.junkemailfilter.com/index.php/Project_tarbaby http://www.free-mx-bac

Writing an article to help users avoid black lists

Trying to write a how-to type article about setting up email servers correctly with an eye on avoiding getting blocked by spam filters. Here's what I have so far. http://wiki.junkemailfilter.com/index.php/Keeping_Your_Server_Off_Black_Lists Looking for more ideas and suggestions to make this b

Re: Experimental Plugin: MetaSVM

So - what ever happened to this project? Was it finished? decoder wrote: LuKreme wrote: I don't see any need for the model to be dynamic. Periodic recalculation of it should be just fine. I bet even daily reprocessing will prove to be over zealous. Weekly, perhaps even monthly. This is wha

Free MX backup service that hels build my blacklist

I'm giving away a free MX backup service so that if your server goes down our servers will store and forward your email. You will also get some spam reduction especially from virus bots. Setup is automatic and all you have to do is change your MX records. Here's the instructions: http://www.fr

Re: Hostkarma Blacklist Climbing the Charts

Warren Togami wrote: On 07/09/2009 09:57 PM, Marc Perkel wrote: For what it's worth I'm now ahead of Barracuda on Jeff Makey's blacklist comparison chart. Not a scientific comparison but it's about all there is to compare blacklists. Now only abuseat.org and spamhaus

Re: Hostkarma Blacklist Climbing the Charts

Warren Togami wrote: On 09/28/2009 01:32 PM, Marc Perkel wrote: Warren Togami wrote: On 07/09/2009 09:57 PM, Marc Perkel wrote: For what it's worth I'm now ahead of Barracuda on Jeff Makey's blacklist comparison chart. Not a scientific comparison but it's about all

rbldns help OT

This should be easy but I'm missing something. I have a RBL list (dnset) for host testbl.junkemailfilter.com :2:Test .xx.host.example.com :4: .host.example.com :3: .example.com :9: .com :6: Works fine. But - I want to create an A record for testbl.junkemailfilter.com of 65.49.42.100. How do I

Re: Hostkarma Blacklist Climbing the Charts

Warren Togami wrote: On 09/28/2009 01:32 PM, Marc Perkel wrote: I'd be interested in how well it worked. Is there anything I need to do to help? http://wiki.junkemailfilter.com/index.php/Spam_DNS_Lists Could you provide a URL redirector to this page? This URL is very long. Pe

Re: Hostkarma Blacklist Climbing the Charts

Warren Togami wrote: On 09/28/2009 06:53 PM, Marc Perkel wrote: Warren Togami wrote: On 09/28/2009 01:32 PM, Marc Perkel wrote: I'd be interested in how well it worked. Is there anything I need to do to help? http://wiki.junkemailfilter.com/index.php/Spam_DNS_Lists Could you pr

Understanding the hostKarma Lists

o.com, gmail.com then you can skip all other IP testing because the IP address tells you nothing about if it is or isn't spam. Warren Togami wrote: On 09/28/2009 10:07 PM, Marc Perkel wrote: I'd like to keep the name HOSTKARMA as standard. If that's so, then we probably wan

Re: Hostkarma Blacklist Climbing the Charts

MySQL Student wrote: Hi, Hopefully my comment isn't out of place with the current discussion of JMF/Hostkarma. I think this is not only a really bad default score, but it should be reduced to -0.5 or perhaps not used at all. I have a money/fraud email that hit RCVD_IN_JMF_W that passed throug

Re: Hostkarma Blacklist Climbing the Charts

Blaine Fleming wrote: Marc Perkel wrote: My NoBL list is similar to yellow except that you can skip black list lookup but maybe might be whitelisted somewhere. I keep seeing IPs that are on both the NoBL *and* the blacklist. An example of this 89.206.179.213. That

Hostkarma white list

For those of you getting spam from IPs/Hostnames on my hostkarma white list, if you could email me a list of false hits (IP or host name) I could probable clean out the bad entries in the white list pretty quick.

Rule name for hostKarma Lists

I will go along with the consensus of the group. Jari Fredriksson wrote: It seems that people have already been using the rules copied from your site. It will be confusing to them if we change the official name. Some will accidentally have your lists twice. RCVD_HOSTKARMA_BL Black R

Re: Understanding the hostKarma Lists

Warren Togami wrote: On 09/29/2009 12:50 PM, Warren Togami wrote: On 09/29/2009 12:45 PM, Henrik K wrote: It seems that people have already been using the rules copied from your site. It will be confusing to them if we change the official name. Some will accidentally have your lists twice.

Re: Understanding the hostKarma Lists

R-Elists wrote: RCVD_HOSTKARMA_BL Black RCVD_HOSTKARMA_WL White RCVD_HOSTKARMA_YL Yellow RCVD_HOSTKARMA_BR Brown OTOH, I really like these new names. My brain thinks less hard to recognize them. How do other people feel. Should we stick to his old names with JMF in the W

Re: Understanding the hostKarma Lists

I like it. RCVD_IN_HOSTKARMA_BL RCVD_IN_HOSTKARMA_WL RCVD_IN_HOSTKARMA_YL RCVD_IN_HOSTKARMA_BR Let's go with it. Warren Togami wrote: On 09/29/2009 08:56 PM, Marc Perkel wrote: Could you please decide between the existing JMF rule names or the above proposed HOSTKARMA names? It

Re: Hostkarma: to be or not to be in SA defaults

Yet Another Ninja wrote: been following Warren Togami's aggressive lobbying for adding RBLs to SA's defaults, and I have some questions: - is it wise to add yet even more lookups to BLs and slow down SA's already huge amount of DNS lookups. - is the BL in question (which ever it may be) pr

Re: Hostkarma: to be or not to be in SA defaults

LuKreme wrote: On 29-Sep-2009, at 23:41, Yet Another Ninja wrote: been following Warren Togami's aggressive lobbying for adding RBLs to SA's defaults, and I have some questions: - is it wise to add yet even more lookups to BLs and slow down SA's already huge amount of DNS lookups. Slow d

Re: Understanding the hostKarma Lists

Blaine Fleming wrote: Marc Perkel wrote: I like it. RCVD_IN_HOSTKARMA_BL RCVD_IN_HOSTKARMA_WL RCVD_IN_HOSTKARMA_YL RCVD_IN_HOSTKARMA_BR Let's go with it. Marc, have you updated your wiki to reflect the new rules? I think that will pretty well settle any deba

Re: Hostkarma: to be or not to be in SA defaults

SM wrote: Hi Marc, At 09:32 30-09-2009, Marc Perkel wrote: I have a lot of mighty servers set up ad have servers at 4 locations. I have 50mb bought and using about 30 of it now. I am not sure what it takes to support a default SA inclusion. Does anyone know if what I described sounds like

Re: Understanding the hostKarma Lists

Updated that as well. R-Elists wrote: marc   dont forget this one   http://wiki.apache.org/spamassassin/MarcPerkelsExperiments    - rh From: Marc Perkel [mailto:m...@perkel.com]   snip  Yes - the wiki is updated.

Re: DNSWL and JMF White false positives, what to do exactly?

Charles Gregory wrote: On Fri, 2 Oct 2009, RW wrote: However, if you want to be understood you need to speak the Lingua Franca. If you choose to use a term differently than everyone else you WILL be misunderstood and corrected. If everyone calls an apple an orange, then yeah, it's an orange.

Re: Spam Eating Monkey?

Warren Togami wrote: http://spameatingmonkey.com Anyone have any experience using these DNSBL and URIBL's? Is anyone from this site on this list? I wonder if we should add these rules to the sandbox for masschecks as well. Warren Togami wtog...@redhat.com I've been using them for a few

Hostkarma White list Updated and Improved

In the last week I've put a lot of effort into improving the accuracy of my white lists. Especially for those of you who are critical of the accuracy of hostkarma white list I'd like you all to test it now and tell me how it works now. I have to admit that I have been less motivated in the past

Re: Hostkarma White list Updated and Improved

John Hardin wrote: On Mon, 5 Oct 2009, Marc Perkel wrote: Our white list is supposed to be a source of pure good email. So if spam comes for any of the white listed IPs then it's an error. Whose? Yours or theirs? Meaning: is a single spam reason for an IP to be dropped from the host

Re: Hostkarma White list Updated and Improved

Jon Trulson wrote: On Mon, 5 Oct 2009, Marc Perkel wrote: John Hardin wrote: On Mon, 5 Oct 2009, Marc Perkel wrote: Our white list is supposed to be a source of pure good email. So if spam comes for any of the white listed IPs then it's an error. Whose? Yours or theirs? Meaning:

Rule and Rule

Starting to write some SA rules again. What is the syntax for a rule where it's true if two other rules are both true? Need a small example. Thanks in advance

Re: Rule and Rule

John Hardin wrote: On Fri, 9 Oct 2009, Marc Perkel wrote: Starting to write some SA rules again. What is the syntax for a rule where it's true if two other rules are both true? Need a small example. meta NAME (rule1 && rule2) It's essentially Perl logical expression

Re: Rule and Rule

John Hardin wrote: On Fri, 9 Oct 2009, Marc Perkel wrote: It's essentially Perl logical expression syntax, and basic math expression syntax if you want to count: meta NAME rule1 && (rule2a + rule2b + rule2c + rule2d > 2) When adding rules is it a count of the number

SA needs a new paradigm for rule structure

I've brought this idea up over the years but I'll try to explain it in a different way. Maybe we can do this with a lot of meta rules. What we need are rules that combine a lot of simple rules into concepts and then combine those rules into rules that score - and score big. As an example, lets

Re: SA needs a new paradigm for rule structure

Karsten Bräckelmann wrote: On Fri, 2009-10-09 at 08:14 -0700, Marc Perkel wrote: I've brought this idea up over the years but I'll try to explain it in a different way. Maybe we can do this with a lot of meta rules. What we need are rules that combine a lot of si

Re: SA needs a new paradigm for rule structure

Ted Mittelstaedt wrote: Marc Perkel wrote: I've brought this idea up over the years but I'll try to explain it in a different way. Maybe we can do this with a lot of meta rules. What we need are rules that combine a lot of simple rules into concepts and then combine those rules

Spam filtering on outgoing email

I'm thinking about starting a service to filter spam on outgoing email. I was wondering if anyone has any experience doing this and has some advice on how to do it. These customers will be businesses, not freemail customers, and one of the only real threats is if someone gets hacked or has some

Re: SA needs a new paradigm for rule structure

RW wrote: On Fri, 09 Oct 2009 23:40:01 -0700 Ted Mittelstaedt wrote: I know that it seems like the idea of building up "meta" rules with a lot of small rules will give you a more accurate hit rate, but this is one of those non-intuitive things that can be shown by statistical

Re: Spam filtering on outgoing email

Warren Togami wrote: On 10/10/2009 11:27 AM, Marc Perkel wrote: I'm thinking about starting a service to filter spam on outgoing email. I was wondering if anyone has any experience doing this and has some advice on how to do it. These customers will be businesses, not freemail customers

Re: DNSBL Comparison 20091010

Warren Togami wrote: The following is an apples to apples comparisons of DNSBL lastexternal rules against the October 10th, 2009 weekly_mass_check corpora. HOSTKARMA and SEM are new. Hopefully these masscheck results can help to identify problems so list quality can improve over time. http

White lists and white rules

Henrik K wrote: On Sun, Oct 11, 2009 at 01:10:17PM -0400, Adam Katz wrote: Here are the default scores for the DNSWLs I know of: RCVD_IN_DNSWL_LOW 0 -1 0 -1 RCVD_IN_DNSWL_MED 0 -4 0 -4 RCVD_IN_DNSWL_HI 0 -8 0 -8 RCVD_IN_HOSTKARMA_W -5 # (nondefault rule, Marc's suggested score)

Re: White lists and white rules

Warren Togami wrote: On 10/12/2009 09:18 AM, Marc Perkel wrote: For what it's worth there are really only 3 serious white lists on the planet. I'm surprised no one is testing the emailreg list. There are dozens of black lists. Doing white lists is actually easier than doing b

Re: SA needs a new paradigm for rule structure

Title: RE: SA needs a new paradigm for rule structure Chris Santerre wrote: > -Original Message- > From: Ted Mittelstaedt [mailto:t...@ipinc.net] > Sent: 2009-10-10 02:40 > To: Marc Perkel > Cc: users@spamassassin.apache.org

Re: Hostkarma whitelist needs something..

Jari Fredriksson wrote: I just started using Katz's wiki rules and it brought HOSTKARMA with it. I have not yet seen any blacklists of HOSTKARMA, but the whitelists are there. RANKRULE NAME COUNT %OFMAIL %OFSPAM %OFHAM 9RCVD_IN_HOSTKARMA_WL 77

Re: Hostkarma whitelist needs something..

Henrik K wrote: On Wed, Oct 14, 2009 at 03:25:36AM -0700, Marc Perkel wrote: Jari Fredriksson wrote: I just started using Katz's wiki rules and it brought HOSTKARMA with it. I have not yet seen any blacklists of HOSTKARMA, but the whitelists are there.

Re: Hostkarma whitelist needs something..

Jari Fredriksson wrote: 14.10.2009 19:17, R-Elists kirjoitti: All I can say is that if these numbers were real or typical I would be out of business. perkel, i might be wrong, yet it doesnt appear to me that Jari have enough mail volume to have a reasonable statistical base...

Re: Hostkarma whitelist needs something..

Mike Cardwell wrote: Jari Fredriksson wrote: Jari, How did you produce the great looking statistics? Thanks, Rick It's a perl script called sa-stats.pl I tried not google it for you, but could not find the original. Many scripts with the same name though.. I put that to my server as ht

Re: Constant Contact

Adam Katz wrote: Does anybody here know anything about the legitimacy of Constant Contact ? In preparing a list of HOSTKARMA_W violators for Marc, I noticed a very large amount of spam, coming from completely different companies, was sent through

Re: Constant Contact

One factor in scoring white list like mine is that different people have different definitions as to what is spam. And people have different values as to blocking spam at the expense of blocking good email. In my business if I block a good email it's worse than 100 spams getting through. I am p

Re: Constant Contact

Tara Natanson wrote: On Fri, Oct 16, 2009 at 12:49 PM, Adam Katz wrote: Does anybody here know anything about the legitimacy of Constant Contact ? Hello, I work for Constant Contact. We take reports of spam very seriously. Complaints are processed through our abus

Is there a WANTS_MY_INFO rule?

To catch this: In order to confirm you Web-Mail identity, you are to provide the following data; First Name: Last Name: Username/ID: Password: Date of Birth: Affirm your willingness and cooperation please, by replying me stating your FULL NAME, DATE OF BIRTH, TELEPHONE NUMBER, FAX NUMBER, and

Re: Constant Contact

R-Elists wrote: I wouldn't say they are perfect but they try to be. It's close enough for my white list. They shut down abusers and the opt out works. marc, we shouldnt have to opt out... -rh Perhaps, but it doesn't make it spam.

Re: false positive on hostkarma blacklist

Fixed Michael Monnerie wrote: http://ipadmin.junkemailfilter.com/remove.php?ip=62.40.128.130 Just received this FP from a customer. That IP is indeed an MX for kabsi.at, a big cable provider in Austria. Please put it on YELLOW. mfg zmi

Hostname Based Black/White lists

Does SA support host name based black/white lists? I suppose to do it right you might have to pick a specific received line to get the host that sent you the email, do FCrDNS, and then do the lookup. Is something like this available? I'm doing it in Exim on my system, but Exim has the host con

<    1   2   3   4   5   6   7   8   9   10   >