e login name needs be specified as
„user\shared“ - and if both use SMTP-formatted addresses, this would look
like „u...@example.com\sharedmail...@example.com“.
I don't think so.
Just today I've seen header likce
From: "name surname "
--
Matus UHLAR - fantomas, uh...@fantomas.sk ;
byte long.
Can you check the size of /tmp/1847701.tar.gz when that happens?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Microsoft dick is
El vie., 30 nov. 2018 a las 3:06, Matus UHLAR - fantomas
() escribió:
And, yes, there could be rule that catches message-id added by internal
server. Note that:
- Message-ID is not required (has SHOULD in RFC)
- many mailservers add message-id if it doesn't exist.
>> https://p
that mail."
I am of course aware of such policies, but they differ site to a site, admin
to an admin and company to a company.
The fact that you refuse some kind of e-mail does not mean that others
should be doing the same.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas
a logcould you paste the email headers?
cheers
I do not know if it is useful, the amavisd + spamassassin I have it in
front of the mail server.
https://pastebin.com/ktMUDLps
not available anymore :-(
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish N
02.212.207
GeoIP Country Edition: KR, Korea, Republic of
Would anyone please share a rule, I can use to catch the above spam.
tried runinning "spamassassin -D" over the e-mail?
just to see if it picks the rule, if it finds the database etc
--
Matus UHLAR - fantomas, uh..
quot; set (unless with maxhits=1)
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
He who laughs last thinks slowest.
Hello,
I have recently noticed spams spreading via amasonses.com and outlook.com.
hitting DKIMWL_WL_MED that pushed score below threshold.
especially amazonses.com mail seemed to be amazon cloud servers.
Has anyone noticed this too?
I have disabled DKIMWL_WL_MED for now.
--
Matus UHLAR
vc/spamassassin/branches/3.4/lib/Mail/SpamAssassin/Plugin/FromNameSpoof.pm?r1=1842029&r2=1842028&pathrev=1842029&view=patch
- hope it's not the culprit.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this ad
Hello,
did anyone set up rules to use the FromNameSpoof plugin?
Do you have any experiences about it?
Thanks.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT
On 16.11.18 08:44, Robert Fitzpatrick wrote:
We're having an issue with spam coming from the same company even
though SPF and DKIM is setup with DMARC to reject. Take this forwarded
email for instances
does the mail pass or fail SPF and DKIM?
--
Matus UHLAR - fantomas, uh...@fantom
On 15.11.18 09:42, Ian Zimmerman wrote:
> # This one disables Bayes. ...
> tiny detail. use_learner 0
On Fri, 16 Nov 2018 09:52:05 +0100 Matus UHLAR - fantomas wrote:
1. this description is invalid. use_bayes disables bayes.
On 16.11.18 14:13, RW wrote:
use_learner 0, in theory, di
I.
Maybe the KAM rules would have got this one?
no. They can help, but hardly help you to push -3.3 scoring mail received
via mailing list over spam threshold.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this addr
On Wed, 14 Nov 2018 09:43:25 +0100
Matus UHLAR - fantomas wrote:
what are direct effects of normalize_charset?
On 14.11.18 14:37, RW wrote:
It causes mime text parts that aren't UTF-8 to be translated into UTF-8.
does this apply only for rules or even for things like bayes?
I mean, w
red
in local.cf with 3.4.2 upgrade.
Will enabling normalize_charset cause some immediate benefits or
disadvantages for us?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDO
http://dpaste.com/33J7SF5
>>
>>how can i troubleshoot why this is happening?
On 11.11.18 19:23, Henrik K wrote:
>Are you perhaps using amavisd-new 2.11.x ? It has originating bug that
>makes it always hit ALL_TRUSTED.
>
>https://gitlab.com/amavis/amavis/issues/6
On Su
e, it's important to check amavis
settings.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
One OS to rule them all, One OS to fi
TRUSTED?
You have also commented you need to investigate the patch, have you already?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I don&#x
such mail. With complete headers.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
BSE = Mad Cow Desease ... BSA = Mad Software Producents Desease
On Nov 8, 2018, at 2:30 AM, Matus UHLAR - fantomas wrote:
Do you use autolearn? There are a few rules to detect ham (score
negatively), many of them based on default whitelists and DNS whitelists,
where many mails come from grey area companies, not necessarily spam, but
training their mail as
0 1541614749 0 non-token data: last expiry atime
0.000 05529600 0 non-token data: last expire atime delta
0.000 0 1173 0 non-token data: last expire reduction
count
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warni
I recommend chasing who is treating those as URLs.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Atheism is a non-prophet organization.
must prepared to do builds for yourself always.
Simply do NOT do this, not on debian.
If you really want built, download source package from sid and try building
on stretch/jessie.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to
On Thu, 25 Oct 2018 16:07:02 +0200
Matus UHLAR - fantomas wrote:
>On Thu, 25 Oct 2018 08:37:45 -0400 Alexander Lieflander wrote:
>> As a side-note, it seems like the error message returned by dpkg
>> (and thus SpamAssassin, I guess) is incorrect. Where it mentions
>> “s
amassassin
(and sa-update) should be installed and configured.
well, I checked on debian 8 and debian 9, not on ubuntu 18.04
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDO
On 25/10/2018 11:43, Matus UHLAR - fantomas wrote:
On 25/10/2018 10:33, Matus UHLAR - fantomas wrote:
bug number would help more...
On 25.10.18 10:58, Reio Remma wrote:
The bug contains no additional info. :) I was simply asked to post
to the list.
and this is exactly why it would be
o the attachment...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Linux - It's now safe to turn on your computer.
Linux - Teraz mozete p
more...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Posli tento mail 100 svojim znamim - nech vidia aky si idiot
Send this email to 100 your fr
ere, admins are advised to copy them to /etc and make
modifications there, instead of modifying files that get overwritten at
upgrade (debian checks for config file changes, but init files aren't
apparently config files).
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Wa
On 16.10.18 18:42, RW wrote:
Bayes might work, but I wouldn't like to see it added to body text
because corrupted text could look like obfuscation.
On Wed, 17 Oct 2018, Matus UHLAR - fantomas wrote:
it should be pushed back to body text just for filters like bayes.
The same could/shou
ok like obfuscation.
it should be pushed back to body text just for filters like bayes.
The same could/should be done for attachhed .doc, .pdf files etc.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varova
ocessing with bayes and other rules.
As for your question about the place for image scanning, if your MTA
has the resources to do so, why not?
Because it's better if it's combined with other information.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warn
On 15.10.18 21:04, Antony Stone wrote:
I thought http://xkcd.org/2059 was appropriate to highlight on this list :)
Any volunteers to implement this in SA? ;-)
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this
On 10/11/2018 01:35 AM, Matus UHLAR - fantomas wrote:
I for example run spamass-milter with -r 10 (rejects score over 10)
at one machine, and amavisd-milter with "spam_kill_level_maps=>
10", along with postscreen.
This way mail gets refused when listed in DNSBLs, while no
lter (post-queue) so
they don't complain sending mail (SA scanning at MTA level) taked too long.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
M$ Win's are shit, do not use it !
On 20.09.18 16:05, Matus UHLAR - fantomas wrote:
I looked at update times and they are different each day - debian script
sleeps random number of seconds (up to one hour) in order to lower the
impact at mirror servers.
I have removed the "--fail" option from curl and will look at err
On 10/2/2018 9:59 AM, Matus UHLAR - fantomas wrote:
can you post the headers?
or at least the Message-Id?
On 02.10.18 11:07, Rob McEwen wrote:
Here is the message as THEIR system saw it (with my client's info
masked) - but it looks like their Kerio (or the customer's email
client?
many clients, any system that receives and checks too much mail may
get URIBL_BLOCKED just because they have crossed the limit, withous using it
wrong or being broken.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this addr
is malfunctioning on their end, and then they changed the score
to .001 - so just please ignore that for the purpose of this
discussion.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na
wrote:
It can wait. Matus also had the issue hitting my mirror and I know I
don't use a CDN.
On 20.09.18 16:05, Matus UHLAR - fantomas wrote:
I looked at update times and they are different each day - debian script
sleeps random number of seconds (up to one hour) in order to lower the
i
PF_ALL _SENDERDOMAIN_ TXT /^v=spf1 .*?\+all/
describe JMQ_SPF_ALL SPF set to +all!
score JMQ_SPF_ALL 0.5
endif
remove those ?'s:
/^v=spf1 .*\?all/
and
/^v=spf1 .*\+all/
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising
;--fail" option from curl and will look at error message
if there's any.
I'll keep you updated and will fill bugreport if I'm able to find out
anything useful.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail adverti
On Wed, 5 Sep 2018 10:08:24 +0200 Matus UHLAR - fantomas wrote:
I (imho too often) get problems when running sa-update (Debian 8, SA
3.4.0)
found at /usr/bin/curl Sep 5 07:38:31.810 [16137] dbg:
http: /usr/bin/curl -s -L -O --remote-time -g --max-redirs 2
--connect-timeout 30 --max-time 300
On Wed, 5 Sep 2018 10:08:24 +0200 Matus UHLAR - fantomas wrote:
I (imho too often) get problems when running sa-update (Debian 8, SA
3.4.0)
found at /usr/bin/curl Sep 5 07:38:31.810 [16137] dbg:
http: /usr/bin/curl -s -L -O --remote-time -g --max-redirs 2
--connect-timeout 30 --max-time 300
AL_ALL SPF set to ?all!
scoreJMQ_SPF_NEUTRAL_ALL 0.5
endif
do you not check for "+all" by a reason?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu p
ocketpath=/var/spool/postfix/spamassassin/spamd.sock
--socketowner=spamd
--socketgroup=spamd
--socketmode=0660"
PIDFILE="/var/run/spamd.pid"
CRON=1
(comments and newlines removed)
ubuntu@mail:~$ cat /etc/default/spamass-milter
OPTIONS="-u spamass-milter -i 127.0.
ist -firsttrusted rules.
This is the only problem I can see coming from trusting local clients - but
since they must be trusted to avoid local blacklist, I see no way to avoid
this than change to SA trust path (drop all Received: after this hosts).
comments welcome.
--
Matus UHLAR - fantomas, uh.
98,lanout=283697
This kind of error happens with different mirrors.
Now my questions:
- is this possible problem with mirrors?
- when do mirrors update?
- do mirrors updates propagate atomically?
or should I dig into that deeper to find out what happens?
--
Matus UHLAR - fantomas, uh...@fantomas.s
On Fri, 31 Aug 2018, Matus UHLAR - fantomas wrote:
Note that I list internal clients as trusted, not as internal.
Maybe this is the problem. Long time ago I learned to configure
dynamic IP addresses (dialups) as trusted, but not as internal.
On 31.08.18 12:07, John Hardin wrote:
Hrm. Not
S_OUTLOOK_TO_MX,
XPRIO_SHORT_SUBJ, ...?
Now that you pulled this out...
Yes, it would also help on some servers I maintain (where HDR_ORDER_FTSDMCXX*
caused troubles).
The question I still have is, if this is not in contrast with proposed usage
of __ANY_EXTERNAL or !ALL_TRUSTED
--
Matus UHLAR
On 31 Aug 2018, at 4:53, Matus UHLAR - fantomas wrote:
Long time ago I learned to configure dynamic IP addresses (dialups) as
trusted, but not as internal.
On 31.08.18 09:37, Bill Cole wrote:
They probably should be neither.
In this case, clients are internal, not dialup, but I still think
On Thu, 30 Aug 2018, Matus UHLAR - fantomas wrote:
That further causes hitting HDR_ORDER_FTSDMCXX_DIRECT and
HDR_ORDER_FTSDMCXX_NORDNS in cases where client uses the mail client on
local network, without SMTP authentication, and without DNS (which may be
quite common in some organizations).
On
because there's a check
for unparsable relays in the perl.
__DOS_SINGLE_EXT_RELAY would work in my case (client sending direclty to
mailserver).
But when considering multiple trusted server (client, trusted and internal
MTA, my MTA), it would hit again.
I will have to think of this a
nted yet, and telling the network admins they must
to implement it now that I have installed spamassassin, is not acceptable.
Tuning DNS is of course possible but it requires some time.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail ad
d production in June 2006. I'm not sure how much
weight we can give to an email sent with it.
On Thu, Aug 30, 2018 at 9:46 AM, Matus UHLAR - fantomas
wrote:
note that the issue is exactly the same with Windows Live Mail, which,
while unsupported, was available until Jan 2017 (and still seem
nd.
Your focus on ALL_TRUSTED implies to me this is 100% internal mail. Is
that correct?
internal and/or outgoing.
Do you (or anyone other) find problems when using ALL_TRUSTED?
On Thu, Aug 30, 2018 at 9:14 AM, Matus UHLAR - fantomas
wrote:
the __HDR_ORDER_FTSDMC rule catches mail
m to add && !ALL_TRUSTED to HDR_ORDER_FTSDMCXX_DIRECT
and HDR_ORDER_FTSDMCXX_NORDNS ?
(maybe even HDR_ORDER_FTSDMCXX_001C and HDR_ORDER_FTSDMCXX_BAT, if their
score will be more than zero)
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail adv
>On 08/08/2018 15:04, Matus UHLAR - fantomas wrote:
>>...of last 40 mail in my spambox, 14 matches MAILING_LIST_MULTI
>>...of last 100 mail in spambox, 27 matches MAILING_LIST_MULTI
On 09.08.18 08:54, Daniele Duca wrote:
>I practically zeroed MAILING_LIST_MULTI the day it ca
at (eval 1899) line 19.
Any suggestions on a fix? Installed info below:
apt-cache policy spamassassin
unless ubuntu's spamassassin includes vlamav module, this is not a problem
of spamassassin but the clamav plugin
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Wa
On 08/08/2018 15:04, Matus UHLAR - fantomas wrote:
...of last 40 mail in my spambox, 14 matches MAILING_LIST_MULTI
...of last 100 mail in spambox, 27 matches MAILING_LIST_MULTI
On 09.08.18 08:54, Daniele Duca wrote:
I practically zeroed MAILING_LIST_MULTI the day it came in the ruleset.
I
crease the token retention, and reduce writes into the
>database.
On Thu, 26 Jul 2018 17:36:19 +0200 Matus UHLAR - fantomas wrote:
well, I have a bit different experience.
On 26.07.18 21:25, RW wrote:
I didn't say auto-training itself, is a good idea.
I mean, if I set bayes_auto_lea
missing) rdns, seen when you compare
to another header you have posted. That would indicate bug in header parsing
code.
Received: from ip70-189-131-151.lv.lv.cox.net (EHLO [192.168.0.105])
([70.189.131.151]) ...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
W
that IP addresses change hands. Many ISPs
> assign IP addresses to customers dynamically, so addresses are
> changing all the time."
On Sat, 28 Jul 2018 18:12:42 +0200 Matus UHLAR - fantomas wrote:
and the point is?
A-ha. ou put it in subject:
Re: Why is RCVD_IN_BL_SPAMCOP_NET n
0-\040,;\[()<>]|\z)/i # Bug 5878
&& $1 !~ /$IP_PRIVATE/) {
return 1;
}
but maybe I read wrong. Which SA version do you have?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varov
(just) dynamic addresses.
Therefore it's useful to do deep header scanning for spamcop listings.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamn
n" tflag causes score being ignored.
Only the "noautolearn" flag should be used for this so at least BAYES_99 and
BAYES_00 could be takein into account when learning.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising
t;calculations are complex" is not an answer to "what calculations".
Maybe you could do those calculations offline and push their results to DNS.
Maybe you could create rules or SA plugin instead.
Do any kind of complex calculations for a DNS request is useless, especially
when yo
some time.
Why do I have different scores and how do I get same score on both
configurations ?
you can't get the same score when the URI is not in blacklist anymore.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertisi
bayes_auto_learn_threshold_spam 12.0
Can this be used before training the database or is it more often used to
supplement (on an ongoing basis), a database that has already be trained ?
those don't contradict each other.
you can use manual and automatic learning both.
--
Matus UHLAR - fantoma
;or doing some additional training, but then the plugin is of limited
>relevance.
On Tue, 19 Jun 2018 10:41:51 +0200 Matus UHLAR - fantomas wrote:
Of course, both autotraining AND the fixing errors are required to
work properly.
On 19.06.18 22:27, RW wrote:
Then you have worst of both
ite way. having way to fix those manually helps
users.
IMO the plugin is best left to statistical filters like DSPAM.
isn't dspam dead?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I intend to live forever - so far so good.
Matus UHLAR - fantomas skrev den 2018-06-16 16:37:
not external networks. only external mail servers you trust not to
forge e-mail
headers. They may send spam but are not the spam sources.
On 16.06.18 19:06, Benny Pedersen wrote:
not correct
spamassassin need to know all wan ips your own
On 16.06.18 10:12, David Jones wrote:
That is basically the same thing worded a little differently. If
you have an internal mail relay and your SA server has a private
IP on it, then that will be an RFC 1918 IP or range in your
internal_networks.
Matus UHLAR - fantomas skrev den 2018-06-16
of EMPTY_MESSAGE and
MISSING_SUBJECT which is the real problem here.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Fighting for peace is like fucking for virginity...
09:37 AM, Matus UHLAR - fantomas wrote:
no. only servers that deliver mail to you, as your MX servers or other
mailservers directly within your organization should be in
internal_networks.
On 16.06.18 10:12, David Jones wrote:
That is basically the same thing worded a little differently. If
mail filtering. This will tell SA
to go back one more Received: header to test for "last_external"
checks and RBL checks.
not external networks. only external mail servers you trust not to forge e-mail
headers. They may send spam but are not the spam sources.
--
Matus UHLAR - fa
On 15.06.18 09:04, Matus UHLAR - fantomas wrote:
On Tue, 12 Jun 2018, micah anderson wrote:
I had a message marked with:
2.3 EMPTY_MESSAGE Message appears to have no textual parts and no
Subject:
It did not have a subject, but it did have content (although only
encrypted)
John Hardin
On 15.06.18 16:24, Reio Remma wrote:
I'm curious, if I turn on DCC learning, does it learn with both the
learn and report options to sa-learn or only report?
sa-learn only trains bayes.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to rece
message part to be a text body
part. What was the MIME type of that part?
On 14.06.18 12:17, micah anderson wrote:
pgp/mime
and wat is an attachment or just the e-mail came with mime type pgp/mime;2~?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to
did not have one, but have you
looked in your Spam folder lately? All spam has a subject, pretty much
always an informal survey of my trash heap showed 4 messages out of
400 did not have a Subject, and two of them were repeats.
Matus UHLAR - fantomas writes:
and what is your point?
On
mails hitting MISSING_SUBJECT is ham.
if the percentage is very different in there two cases, the rule gets high
positive (or negative) score.
Some scores are tuned for safety reasons.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertisi
0/mail.sinclair-accounting.co.uk: result:
fail, comment: Please see http://www.openspf.org/Why?s=helo;id=mail.sinclair-accounting.co.uk;ip=80.229.84.190;r=obelisk.open-t.lan,
text: Mechanism '-all' matched
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I w
On 06/10/2018 12:02 PM, Matus UHLAR - fantomas wrote:
I believe M$ requires users to be authenticated within the domain
before they are allowed to send using your domain.
On 10.06.18 16:55, Grant Taylor wrote:
Is that authenticating to the MS SMTP server with any recognized
account? Or
thousands of IP addresses that could
conceivably be used to spoof any other domain that's "hosted" using
one of those IPs?
I believe M$ requires users to be authenticated within the domain before
they are allowed to send using your domain.
--
Matus UHLAR - fantomas, uh...@fantom
as well.
do you run manually /etc/cron.daily/spamassassin or sa-update?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
"Two words: Wi
don't like doing it this way
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Eagles may soar, but weasels don't get sucked into jet engines.
n seems to be common (for the mail I have seen)
- one line, 5 words, 7 characters each seems to be common too.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukol
KIM-sign headers
that may change on the way (e.g. Received:)
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
42.7 percent of all statistic
On 30.05.18 15:12, Palvelin Postmaster wrote:
I prepend my spam emails’ subject fields with a specific string to indicate
spam, like many do, I presume. Will that string get noticed by bayes and
if so, should I do something to prevent it?
On 30 May 2018, at 15:21, Matus UHLAR - fantomas
, unless you check for spamminess, tag and check
again...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Save the whales. Collect the whole set.
91.195.240.117
not mentioning where does its web page redirect...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Windows 2000: 640 MB ought to be
install a local (BIND) on the mail server?
The requirement is not for caching server - it's for recursing server
dnsmasq is forwarding server, get rid of if when possible. It's even
documented:
https://wiki.apache.org/spamassassin/CachingNameserver
--
Matus UHLAR - fantomas, uh...@f
olv.conf
nameserver 127.0.0.1
i cannot believe that is not the default. i always assumed my dns
was working correctly.
It's not default to have DNS server on your system. And it's not default to
have localhost in resolv.conf - it may be authoritative-only.
--
Matus UH
rect, not sending or droping bounce is what's wrong and it
happens on senders side.
Matus UHLAR - fantomas wrote:
STOP calling rejection a dropping.
Rejecting is NOT dropping.
They are two different things.
If you try to hand me an envelope, and I will refuse to take it, It is NOT
the same as if
ly useless.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
2B|!2B, that's a question!
mail and won't blame us for way how mail system works (and always
worked), just because you have misunderstood (or assumed) it.
I didn't realize email was no longer considered unreliable
afaik e-mail was NEVER considered reliable, mostly because of reasons
mentioned above.
-
uot;A"
tag to see if there is a URL there, and if they do not match, consider it
a phis so apply said phis score to the message.
Has anyone done this? module even?
On 26/04/2018 18:12, Matus UHLAR - fantomas wrote:
the main problem: may non-spam senders do that, see:
https://wiki.apache.o
e discussion in linked bug:
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=4255
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Micro$of
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
10 GOTO 10 : REM (C) Bill Gates 1998, All Rights Reserved!
ow_user_rules" is enabled,
which may be the error
I don't advise per-user rules, I would better advise configure rules
globally but enable/disable them only for some users, which can be done in
user_prefs.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish N
601 - 700 of 2533 matches
Mail list logo
