.
* -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
* -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
* author's domain
you can safely welcomelist_from_dkim their mail address.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ;
Root Cause Analysis (in order):
1) DNSWL does not provide blocked codes. That deviates from
most DNS-query based systems.
On 24.09.24 20:43, Matthias Leisi wrote:
This is wrong.
On 26/09/24 01:20, Matus UHLAR - fantomas wrote:
I have checked with 1.1.1.1, where queries only return
DNSWL would return 127.0.0.255
in addition to 127.0.10.3
- there is already rule to suspend
header RCVD_IN_DNSWL_BLOCKED eval:check_rbl_sub('dnswl-firsttrusted',
'^127\.0\.\d+\.255$')
dns_block_rule RCVD_IN_DNSWL_BLOCKED list.dnswl.org
--
Matus UHLAR - fantoma
ctor.
Is there any possibility to detect clients using open DNS, perhaps other
than RCVD_IN_ZEN_BLOCKED_OPENDNS ?
Then, block all dnsbl/rhsbl rules?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovan
may be kinda filing it up.
With SA 3.4.X - on average 100MB and it deletes on the fly
With SA 4.X - on average 2-6GB and I had to do a quick fix:
59 23 * * * root find /var/lib/amavis/tmp/ -mtime +0 -delete;
W dniu 18.09.2024 o 16:09, Matus UHLAR - fantomas pisze:
On 18.09.24 13:42, Grega via
15:28:48 CEST 2024
How do you call spamassassin, directly, via spamass-milter, amavis or other
way?
Did you tune any bayes settings?
Do you have your trusted_networks and internal_networks set up properly?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish
with Score -5 because of this...
other experiences? does they answer e-mails? mine got not in weeks
RCVD_IN_RP_CERTIFIED=-3, RCVD_IN_RP_RNBL=1.31, RCVD_IN_RP_SAFE=-2]
many thanks
Are you using an ancient SA version?
Those rules were removed/changed in March 2021
--
Matus UHLAR
ribl.com gov.sk.multi.surbl.org
gov.sk.dbl.spamhaus.org gov.sk.lookup.dkimwl.org
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Due t
ar?
Looks like it is still a low %, except this T_DATE_IN_FUTURE_96_Q
DATE_IN_FUTURE_03_06
0.1% DATE_IN_FUTURE_12_24
0.1% DATE_IN_FUTURE_06_12
31% T_DATE_IN_FUTURE_96_Q
I believe I don't have to explain how spammers use(d) this to show their
mail first in their MUAs
--
Matus UHLAR -
4 08:51:37 +0200
On 22.07.24 09:58, Marc wrote:
This does not look like something out of the ordinary not? Even if it is a
timezone/summertime issue it is still not 'is 24 to 48 hours after'
This looks correctly.
I remember seeing this issue when users put incorrect date or incorrect
Hello,
I was hoping to fix this finally...
On 5/17/24 3:17 PM, Matus UHLAR - fantomas wrote:
I have configured exclusion for some common domains e.g. gov.sk in SA:
uridnsbl_skip_domain [...] gov.sk slovensko.sk
However it seems that that domain is still queried:
9826 68.951573
both enabled
its up to you to add more authres_trusted_authserv or more
authres_ignored_authserv lines
possible we can now have a very long debate on dmarc plugin ? :)
Matus UHLAR - fantomas skrev den 2024-07-03 16:14:
Please, Simon, quote the text you are replying to.
On 03.07.24 17:47
yet.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
(R)etry, (A)bort, (C)ancer
want to upgrade to ubuntu 24.04 LTS which has SA 4.0.0 included.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Remember half the people
:13
/var/lib/spamassassin/.spamassassin/
YMMV of course
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Quantum mechanics: The dreams stuff is made of.
gests the user and not
users@
I guess that the "sexikäs" causes troubles.
Do you use SA 4.0 ? That should be compatible with utf-8.
Matus UHLAR - fantomas 2024-06-18 14:00 >>>
On 18.06.24 13:50, Anders Gustafsson wrote:
body LOCAL_PORN_RULE /word1|word2.|x69-JOOGA
uld be able to see which string matched
Finally, SA recommends using multiple rules with small scores instead of
single rule with huge score.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na
?
Someone obviously has one of:
Resent-From
Envelope-Sender
Resent-Sender
X-Envelope-From
From
address in whitelist (renamed welcomelist since).
you just need to find out which and where.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail
Am 2024-06-14 21:20, schrieb Matus UHLAR - fantomas:
If you want to find out more, feed the mail to "spamassassin -D" and
that should explain which text matched which rules.
and as we told you already, your client should NOT play with small
or semi-invisible text in mail. That'
Am 2024-06-14 18:24, schrieb Matus UHLAR - fantomas:
1. as I said it's hard to find out without the body
2. hiding data indicates a spammer.
On 14.06.24 19:15, Thomas Barth via users wrote:
Yes, I've now realized that I can simply grep for the descriptions.
grep -ri "FONT_INV
Am 2024-06-14 17:11, schrieb Matus UHLAR - fantomas:
FONT_INVIS_NORDNS=1.544
HTML_FONT_TINY_NORDNS=1.514
RDNS_NONE=0.793
working fcrdns would fix much for them.
However, not doing stupid shit with fonts would help even more:
FONT_INVIS_MSGID=2.497
FONT_INVIS_NORDNS=1.544
HTML_FONT_TINY_NORDNS
d the definitions on your old site
https://spamassassin.apache.org/old/tests_3_1_x.html.
why 3.1?
FONT_INVIS_NORDNS, FONT_INVIS_MSGID, HTML_FONT_TINY_NORDNS, RDNS_NONE
Is there no current version of the test definition.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warni
sider retiring Pyzor as "no longer
effectively maintained"?
consider, probably. However pyzor still generates hits and helps catch
spam, at least on my server.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising
uld enable automatic rule updates in /etc/default/spamassassin:
CRON=1
As another general recommendation, run local caching non-forwarding DNS
server on mail server and don't use public DNS resolvers:
https://cwiki.apache.org/confluence/display/SPAMASSASSIN/CachingNameserver
--
M
e ASF rule
maintenance system. It is irrelevant to an operational
deployment.
I have no idea why Debian installs that file at all.
On 6/5/24 09:17, Matus UHLAR - fantomas wrote:
It does not, I guess that the OP did because of misunderstanding
of what it does.
On 6/5/24 11:14, postgarage Gr
olete/invalid rules there.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
The only substitute for good manners is fast reflexes.
signatures.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Windows 2000: 640 MB ought to be enough for anybody
On 03.06.24 12:02, Matus UHLAR - fantomas wrote:
On 03.06.24 07:26, postgarage Graz IT wrote:
A few days ago a lot of false negatives landed in our inboxes. As it
turned out the reason was that the for nearly all mails the
RCVD_IN_VALIDITY_CERTIFIED and RCVD_IN_VALIDITY_SAFE rules matched.
I
tive.list?
reload spamd or amavis, the rules in /var/lib/spamassassin/ are used by
default.
Maybe you need to enable cron job by setting CRON=1 in
/etc/default/spamassassin and it will happen automatically.
...I have no idea how active.list works.
--
Matus UHLAR - fantomas, uh...@fantomas
ult: dkim=fail -@ ...@hotmail.com
[@]# dig +short -t mx hotmail.com
2 hotmail-com.olc.protection.outlook.com.
etc etc.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTA
ASS=-0.001, SPF_PASS=-0.001,
TO_NO_BRKTS_NORDNS_HTML=0.001]
autolearn=no autolearn_force=no
So, at least dnsbls work well for you.
What can I do? With these SPAMS, I have the impression that the
senders know exactly how to trick Spamassassin.
--
Matus UHLAR - fantomas, uh...@fantomas
use SQL or LDAP config so they will
use the same.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
We are but packets in the Internet of life (userfriendly.org)
in documentation
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
You have the right to remain silent. Anything you say will be misquoted
URL even if you don't see
it.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
He who laughs last thinks slowest.
ed_above=2 required=6.31
tests=[DMARC_MISSING=0.001, FSL_BULK_SIG=0.001,
Amavis has some more scores than stock SA, of course they can be modified if
your scanner is well trained.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail a
, and perhaps it is true that they are mostly spam.
where is the rule stored? what file?
On May 10, 2024, 17:18, Rupert Gallagher wrote:
I only have stock and KAM, and it is definitely not a custom rule of mine.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I
what R_DCD means, and search indexes do not help. Short of
reading the source code, does anybody know what R_DCD means?
I have no idea. where did you get this rule from?
I don't see it in stock rules
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish N
tagged_above=2 required=6.31
tests=[DMARC_MISSING=0.001, FSL_BULK_SIG=0.001,
HTML_FONT_LOW_CONTRAST=0.001,
HTML_IMAGE_ONLY_24=1.282, HTML_IMAGE_RATIO_02=0.001,
HTML_MESSAGE=0.001,
MIXED_HREF_CASE=1.999, PYZOR_CHECK=1.985, RELAYCOUNTRY_BAD=2,
SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_TVD_MIM
list_bounce_relays, which defines
servers who send your e-mail - thus you know bounces from those hosts are
legitimate. the original message opriginated from mailgun, perhaps you need
to add its servers.
it matches bounces since its a bounce, alt that is seen as a results
of forwarding emails
On 24.04.24 18:50, Benny Pedersen wrote:
unsure so i ask :)
try to explain your question a bit more
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek
Contains a spam URL
listed in the Spamhaus DBL blocklist
25_uribl.cf:tflags URIBL_DBL_SPAM net domains_only notrim
25_uribl.cf:reuse URIBL_DBL_SPAM
...
And I dont have idea how disable all check in spamhaus.org
--
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; htt
D-HEADER-7 {RelayedInbound}, [34.23.17.0]:38582 [34.23.17.0] <> ->
, Queue-ID: 4VBDq04Bn7z1Q9qQ, mail_id: 6LRhEwtUmP7u,
Hits: -, size: 10888, queued_as: 4VBDq06n69z1Q9q1, 358 ms
I check and I not found any <> in whitelist
check amavis config.
--
Matus UHLAR - fantomas, uh
On 03.04.24 11:18, natan wrote:
Where in pdns-recursor? I use pdns-recursor
/etc/powerdns/recursor.conf
W dniu 3.04.2024 o 13:17, Matus UHLAR - fantomas pisze:
This is not about pdns-recursor itself. It's about using own
recursing DNS server
- you you don't use DNS server o
Or maybe some other lists connected?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Enter any 12-digit prime number to continue.
::Conf doesn't say that I
could find.
You'd think the first would happen first, since it's more specific.
Or, maybe that both would happen.
On Mar 28, 2024, at 2:39 AM, Matus UHLAR - fantomas wrote:
they both should happen.
note that the second argument must be Received: hea
o that argument depends on proper TrustPath set up
https://cwiki.apache.org/confluence/display/SPAMASSASSIN/TrustPath
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOS
ame to spamd which then should use that users'
user_prefs file (if it exists) unless spamd was started with "-x" parameter
or can't access that file.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advert
n exmaple:
From: ya...@gmail.com
Return-path: ya...@yahoo.com
If I send an email that would have those headers Spamassassin is getting a
hit for my NOT_IT rule but that should not match because __RETURNAPTH_IS
should not get a hit.
How can I troubleshoot this?
--
Matus UHLAR - f
On 19.02.24 15:03, Dejan Doder wrote:
Please unsubscribe me from list
We can't, the process is user-driven.
send mail to users-unsubscr...@spamassassin.apache.org
and confirm in the confirmation mail that will be sent to tou.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ;
ns when you use --lint, because it skips
network checks, including DCC.
spamassassin --prefs-file=/etc/spamassassin/local.cf -D 2> tmp.out < ~/test.eml
I have already asked why you use --prefs-file.
You have not answered my question and simply deleted it.
--
Matus UHLAR - fantomas, uh.
, February 19, 2024 at 01:42:46 PM GMT+1, Matus UHLAR - fantomas
wrote:
On 19.02.24 12:37, Pedro David Marco via users wrote:
Does anyone know of a plugin for content modification?
SpamAssassin detects spam, it is not designed to tho content modification.
an example, i want to change the word
for example you can cause changing middlesex to
middle--- or sextant to ---tant. You would also invalidate DKIM signatures.
Try avoiding this clbuttic problem.
https://en.wikipedia.org/wiki/Scunthorpe_problem
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I w
I have "loadplugin Mail::SpamAssassin::Plugin::DCC" in
/etc/spamassassin/v310.pre
- try uncommenting it there.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
WinError #98652: Operation completed successfully.
ad of
/etc/default/spamassassin for start-up options.
On 14.02.24 00:23, Ken Wright wrote:
So it's normal? I don't need to obsess over it?
You don't. Just note it for further installations.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT
Thanks in advance!
On 14.02.24 06:15, Niels Kobschätzki wrote:
The service seems to be have renamed. It is the same on Debian. You also
have to change now /etc/default/spamd instead of /etc/default/spamassassin
for start-up options.
and the "spamd" package as well.
--
Matus
4.0 as well.
On 2/5/24 09:49, Matus UHLAR - fantomas wrote:
what if you do?
does ExtractText only run one of configured programs for the same type of file?
On 05.02.24 12:14, giova...@paclan.it wrote:
Exactly, ExtractText only run the first configured program for the same type of
fil
programs for the same type of
file?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
A day without sunshine is like, night.
On 2024-01-30 at 12:08:18 UTC-0500 (Tue, 30 Jan 2024 18:08:18 +0100)
Matus UHLAR - fantomas
is rumored to have said:
[...]
autolearn may help if your DB is well maintained, although I have
disabled nearly all rules with negative scores, like
RCVD_IN_DNSWL_*
RCVD_IN_IADB_* DKIMWL_WL_
DITY_*
USER_IN_DEF_*
ALL_TRUSTED
etc, because spammers often abuse these.
I mean, they may have negative score but don't train on them.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto ad
0 1172945918 0 non-token data: oldest atime
so, even old spam mey be fine. You however need much of ham to train
otherwise everything starts looking like spam.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail adverti
ing to get the fricken thing on the fricken machine
in the fricken first place.
I am not going to run cpan with force because that may hide *real* errors.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this addre
On 26.01.24 11:03, Rupert Gallagher wrote:
Subject: FORGED_HOTMAIL_RCVD2
Rule broken. Please update.
can you provide more info, perhaps headers?
header FORGED_HOTMAIL_RCVD2 eval:check_for_no_hotmail_received_headers()
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http
and its country of origin I
sometimes block the sending IP by some method.
perhaps you could add to your SA config or user_prefs:
add_header spam LastIP _LASTEXTERNALIP_
https://spamassassin.apache.org/full/4.0.x/doc/Mail_SpamAssassin_Conf.html
--
Matus UHLAR - fantomas, uh...@fantomas.sk
w do I redirect spam to a mailbox if I use the milter?
spamass-miter supports "-b spamaddress" option to redirect spam.
I prefer "-r nn" option that rejects mail if it scores over "nn" SA points.
I use reject score 8 on tuned systems, 10 on non-tuned.
--
Matus UHLAR
generally enough.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
10 GOTO 10 : REM (C) Bill Gates 1998, All Rights Reserved!
able.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Eagles may soar, but weasels don't get sucked into jet engines.
On 04.01.24 22:57, Matija Nalis wrote:
bodyGIFT_CARD /gift card/i
score GIFT_CARD 1.5
metaFREEMAIL_GIFTCARDSGIFT_CARD && (FREEMAIL_FROM ||
!DKIM_VALID)
Matus UHLAR - fantomas skrev den 2024-01-05 09:06:
shouldn't that be !DKIM_VALID_AU ?
valid DKIM si
On 04.01.24 22:57, Matija Nalis wrote:
bodyGIFT_CARD /gift card/i
score GIFT_CARD 1.5
metaFREEMAIL_GIFTCARDSGIFT_CARD && (FREEMAIL_FROM || !DKIM_VALID)
shouldn't that be !DKIM_VALID_AU ?
valid DKIM signature means nothing by itself
--
Matus UHLAR -
KIM headers. It's in a weird limbo where I can
see the email got marked but GMail is not marking it either way.
can we see headers From: and Authentication-Results as they were seen on
your server?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT
he domain in From:
When you forward e-mail, SRS makes sure SPF record is from your domain, but
the DKIM signature must be made by sending server, so forwarded messages
without valid DKIM signature will not pass.
Many thanks for your help, it's genuinely appreciated!
--
Matus UHLAR - fant
ft tenants.
What?
If the message came from .outlook.com hosts, it should be reported to
ab...@outlook.com.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolve
us
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO6PR20MB3698
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Remember half the people you know are below average.
On 29.12.23 22:08, FalconChristopher wrote:
Anyone know how I can check and setup SpamAssassin so that I can
eliminate some spam from coming in from a email account ?
do you mean if one of your users started spamming out?
On 12/28/2023 2:24 AM, Matus UHLAR - fantomas wrote:
On 27.12.23 16
re for Spam Assassin but I don't know how to setup what I mentioned
above ?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I don
how my "razor_config" is
incorrect? That might be helpful.
what is in the /etc/mail/spamassassin/.razor/razor-agent.conf ?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu
ot; because google have a history of not honouring TTL's, and it
always pays to use a DNS server that you don't think would have your
zone cached, to get a fresh perspective.
correct.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive
On 17.11.23 11:19, natan wrote:
E-mail was signed DKIM but why SA set "DMARC_REJECT" in this time ?
W dniu 17.11.2023 o 12:31, Matus UHLAR - fantomas pisze:
it's hard to see this without envelope and header from:
On 17.11.23 12:42, natan wrote:
Return-Path:
<3j
reason for subdomain alignment.
good news dmarc plugin in sa trunc does aswell work in spamasasssin
3.4.6 last time i tryed
i am still waiting for spamassassin stable release of 4.x
That happened 11 months ago today, where have you been?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http
t;
E-mail was signed DKIM but why SA set "DMARC_REJECT" in this time ?
it's hard to see this without envelope and header from:
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tut
;ve had a hard time writing my own rules, has worked quite
well. (Up until the spammers started just dropping their fake invoice
content into an attached image - or PDF.)
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertis
uot;Missed SPAM"?, thinking
along lines of keeping BAYES "clean and sharp". So to speak.
Leave as is? Delete and re learn?
On 11/14/2023 13:46:11, Matus UHLAR - fantomas wrote:
Simply relearn FPs. Unless you have huge misclassification issue,
learning as few mail as one should fix BAY
uot;Missed SPAM"?, thinking along lines
of keeping BAYES "clean and sharp". So to speak.
Leave as is? Delete and re learn?
Simply relearn FPs. Unless you have huge misclassification issue, learning
as few mail as one should fix BAYES issues.
--
Matus UHLAR - fantomas, uh...@fantom
writable under "imaps" user, e.g. virtual users or similar.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Posli tento mail 100 s
What platform are you running on? (OS, distro, perl version, etc.)
Debian 12.
sa-update version 4.0.0 / svn1900642
running on Perl version 5.36.0
Matus UHLAR - fantomas writes:
Debian 12 contains SpamAssassion 4.0.0-6.
Cecil Westerhof writes:
Strange. When running 'apt update
What platform are you running on? (OS, distro, perl version, etc.)
Debian 12.
sa-update version 4.0.0 / svn1900642
running on Perl version 5.36.0
Matus UHLAR - fantomas writes:
Debian 12 contains SpamAssassion 4.0.0-6.
On 02.11.23 21:43, Cecil Westerhof wrote:
Strange. When running
s or using other way?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
The only substitute for good manners is fast reflexes.
*/
looks like you have problem reading or writing.
If you want less generic answer, please provide info what command you
execute and what is the exact error.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address
spamd"
I assume that's ok.
Matus UHLAR - fantomas skrev den 2023-10-31 11:48:
yes, although --create-prefs is useless when you use --nouser-config
On 31.10.23 17:51, Benny Pedersen wrote:
and --create-prefs needs root ?
no. Even if you keep spamd running as root, it won'
spamd"
I assume that's ok.
yes, although --create-prefs is useless when you use --nouser-config
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT aku
RON=1
since SA 4, spamd uses /etc/default/spamd
I don't use -u option, so spamd setuids to user spamc provides, this allows
spamd use per-user configuration files.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising
ult
the author of 'w7_whitelist.cf' for support of whatever configuration
it includes.
This only produces error because WelcomeListSubject does not exist and WhiteListSubject
is not installed.
Fixing the error above should fix this as well.
--
Matus UHLAR - fantomas, uh...@fantoma
Matus UHLAR - fantomas skrev den 2023-10-25 09:36:
I have:
50_scores.cf:score DKIM_VALID -0.1
check if you really haven't set score for DKIM_VALID anywhere, since
SA complains about it being zero.
I guess this may cause DKIM_INVALID misfiring
On 25.10.23 13:08, Benny Pedersen wrote:
7:10:54.125 [1687779] info: util: setuid: ruid=0 euid=0 rgid=0 0
egid=0 0
>Oct 25 07:10:54.364 [1687666] info: rules: meta test DKIM_INVALID has
dependency 'DKIM_VALID' with a zero score
Matus UHLAR - fantomas hat am 25.10.2023 08:16 CEST
geschrieben:
did you set score of DKIM_
X-Spam-Status: No, score=1.6 required=5.0 tests=ALL_TRUSTED,DKIM_INVALID,
DKIM_SIGNED,KAM_DMARC_REJECT,KAM_DMARC_STATUS autolearn=disabled
version=3.4.6
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this add
1CEB4CD00AA00BBB6E6000B5BBF9
7B16F0AE24BA3D270A637831578CAB77333E06029E36245B2E3DACE37D29594
x-originating-ip: [195.154.60.67]
x-esetresult: clean, is OK
x-esetid: 37303A2976F0D65A657466
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail adverti
. I just have to check which of them is not
a list that lists any 'dynamic' ip by default.
zen is not good idea for auth too. It's supposed to contain dynamic IPS
which aren't used for spaming.
authbl from spamhaus should do that.
--
Matus UHLAR - fantomas, uh...@fantomas
ourse.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
It's now safe to throw off your computer.
credentials
compromised.
can you describe it more?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Due to unexpected conditions Windows 2000 will
for more information.
On 2023-09-12 at 02:51:46 UTC-0400 (Tue, 12 Sep 2023 08:51:46 +0200)
Matus UHLAR - fantomas
is rumored to have said:
have you also read the link(s) above?
SA explains the problem and how to avoid it, namely points to:
https://cwiki.apache.org/confluence/display
ad that from
one of my .pre files, or do I have to somehow add that to a scan
command-line?
On 12.09.23 08:47, Matus UHLAR - fantomas wrote:
I bumped mine to maximum size my server can accept, currently 30M.
I checked my spambox for biggest spam recorded (not rejected or lost)
and I have pre
1 - 100 of 1007 matches
Mail list logo