Am 2024-03-19 14:51, schrieb Thomas Cameron:
Does anyone else just block all traffic from *.onmicrosoft.com? I have
literally NEVER gotten anything from that domain which is not obvious
junk.
We block and have a whitelist with 49 entries at the moment.
Michael
Am 2021-04-08 17:46, schrieb Bill Cole:
On 8 Apr 2021, at 6:25, Matus UHLAR - fantomas wrote:
and there is no undef_whitelist_auth, and the unwhitelist_auth does
NOT work.
It does work in 3.4.5, although if you're not there yet I'd advise
waiting for 3.4.6.
See
Am 2021-04-08 17:26, schrieb Bill Cole:
On 8 Apr 2021, at 8:04, Matus UHLAR - fantomas wrote:
On Sun, 4 Apr 2021 13:21:08 +0200 Matus UHLAR - fantomas wrote:
I prefer to solve problems instead of playing with scores.
It seems that abusers have worked around SA by using google
domains
and
Am 2021-02-20 08:58, schrieb Dominic Raferd:
Is there a rule to catch cases where the domain of the Reply-To header
is a subtle variant on that in the To header. Take this (real) example
from a phishing email sent yesterday:
From: "Karen Howard"
Reply-To: "Karen Howard"
I realise that other
Am 2020-09-16 05:28, schrieb John Hardin:
On Tue, 15 Sep 2020, Mark London wrote:
Hi - I receive email from spiceworks.com help desk, which are sent via
sendgrid. Why do these URLs trigger the SENDGRID_REDIR rule score,
which is 3.4 ? Thanks. - Mark
They trigger the rule because they
Am 2019-12-10 19:03, schrieb Joseph Brennan:
A user here reported a new twist on the bitcoin ransom mail. New to
me, anyway.
From: Casper Mitten
Sent: Monday, December 9, 2019 10:00 PM
The Subject was a single word, supposedly a password.
The message was a jpg picture of text.
Although it
Am 2018-02-17 00:46, schrieb Amir Caspi:
On Feb 16, 2018, at 4:41 PM, John Hardin wrote:
Not necessarily safe. If your MTA receives a message without a
Message-ID, it is supposed to generate one. And if it does so, it will
probably do so using your (recipient) domain...
Am 2018-02-17 00:41, schrieb John Hardin:
On Fri, 16 Feb 2018, Michael Storz wrote:
Am 2018-02-15 19:27, schrieb David Jones:
We have covered this issue a few times recently on this list but I
don't think anything definitive was ever decided or recommended to
detect and block this sort
Am 2018-02-15 19:27, schrieb David Jones:
We have covered this issue a few times recently on this list but I
don't think anything definitive was ever decided or recommended to
detect and block this sort of spoofing:
https://pastebin.com/juXLD8vr
This appears to be a spoofed email from a
Am 2017-12-22 12:04, schrieb Axb:
On 12/22/2017 10:58 AM, Michael Storz wrote:
Am 2017-12-21 18:08, schrieb Axb:
On 12/21/2017 05:20 PM, Benny Pedersen wrote:
RW skrev den 2017-12-21 17:12:
On Thu, 21 Dec 2017 16:40:13 +0100
Benny Pedersen wrote:
is this plugin used at all ?
i see
Am 2017-12-21 18:08, schrieb Axb:
On 12/21/2017 05:20 PM, Benny Pedersen wrote:
RW skrev den 2017-12-21 17:12:
On Thu, 21 Dec 2017 16:40:13 +0100
Benny Pedersen wrote:
is this plugin used at all ?
i see freemail defines __ml why does it not use maillist.pm to
detect
maillists ?
asking
Am 2017-10-02 19:43, schrieb David Jones:
On 09/27/2017 09:52 AM, Kevin A. McGrail wrote:
I recently stumbled onto a mail with a Spam link where the FROM
header field looked like this:
From: "Firstname Lastname@" sendern...@real-senders-domain.com>
Jakob, just wanted to let you know I
Am 2017-07-26 17:22, schrieb Dianne Skoll:
On Wed, 26 Jul 2017 17:15:43 +0200
Michael Storz <michael.st...@lrz.de> wrote:
[...]
/boundary="-{4}=_NextPart_000_[0-9A-F]{4}_[0-9A-F]{8}\.[0-9A-F]{8}"/
You may get FPs. See for example
https://supportcenter.checkpoint.com/supp
Am 2017-07-26 15:08, schrieb Dianne Skoll:
On Tue, 25 Jul 2017 08:36:22 -0400
Dianne Skoll wrote:
All of the URLs match this pattern:
/\/[A-Z]{4}\d{6}\/$/
We see a new variant with the subject "Your Virgin Media bill is ready"
and
URLs that match:
uri
Are there any plans for a DMARC plugin for SpamAssassin? Reacting to a
DMARC policy of reject (AOL/Yahoo) seems only feasible with SpamAssassin
because so many exceptions are needed for software which destryes DKIM
signatures:
- mailing lists
- MS Exchange
- Novell GroupWise
- Lotus Domino
Am 2014-04-30 10:23, schrieb Axb:
On 04/30/2014 10:10 AM, Michael Storz wrote:
Are there any plans for a DMARC plugin for SpamAssassin? Reacting to
a
DMARC policy of reject (AOL/Yahoo) seems only feasible with
SpamAssassin
because so many exceptions are needed for software which destryes
DKIM
Am 2014-04-30 11:00, schrieb Axb:
On 04/30/2014 10:30 AM, Michael Storz wrote:
Am 2014-04-30 10:23, schrieb Axb:
On 04/30/2014 10:10 AM, Michael Storz wrote:
Are there any plans for a DMARC plugin for SpamAssassin? Reacting
to a
DMARC policy of reject (AOL/Yahoo) seems only feasible
Am 2014-04-30 11:08, schrieb Tom Hendrikx:
On 04/30/2014 11:00 AM, Axb wrote:
On 04/30/2014 10:30 AM, Michael Storz wrote:
Am 2014-04-30 10:23, schrieb Axb:
On 04/30/2014 10:10 AM, Michael Storz wrote:
Are there any plans for a DMARC plugin for SpamAssassin? Reacting
to a
DMARC policy
Am 2014-04-30 11:33, schrieb Jim Popovitch:
On Apr 30, 2014 5:09 AM, Tom Hendrikx t...@whyscream.net wrote:
On 04/30/2014 11:00 AM, Axb wrote:
On 04/30/2014 10:30 AM, Michael Storz wrote:
Am 2014-04-30 10:23, schrieb Axb:
On 04/30/2014 10:10 AM, Michael Storz wrote:
Are there any
Am 2014-04-30 12:10, schrieb Django [BOfH]:
HI!
Am 30.04.2014 11:14, schrieb Axb:
Seems to me that amavisd-new would be the better place to handle
this
You ned a mail filter, witch can see (!) SPF-Auth and DKIM-Auth while
DMARC is checking both results.
So the only really good and best
Am 2014-04-30 12:23, schrieb Axb:
On 04/30/2014 12:10 PM, Django [BOfH] wrote:
HI!
Am 30.04.2014 11:14, schrieb Axb:
Seems to me that amavisd-new would be the better place to handle
this
You ned a mail filter, witch can see (!) SPF-Auth and DKIM-Auth
while
DMARC is checking both
Am 2014-04-30 12:58, schrieb Axb:
On 04/30/2014 12:50 PM, Michael Storz wrote:
Am 2014-04-30 12:23, schrieb Axb:
On 04/30/2014 12:10 PM, Django [BOfH] wrote:
HI!
Am 30.04.2014 11:14, schrieb Axb:
Seems to me that amavisd-new would be the better place to handle
this
You ned a mail filter
Am 2014-04-30 13:15, schrieb Mark Martinec:
On 04/30/2014 10:10 AM, Michael Storz wrote:
Are there any plans for a DMARC plugin for SpamAssassin?
Reacting to a
DMARC policy of reject (AOL/Yahoo) seems only feasible with
SpamAssassin because so many exceptions are needed
Am 2014-04-30 13:36, schrieb Kevin A. McGrail:
On 4/30/2014 7:15 AM, Michael Storz wrote:
Thanks, your answers are very helpful for solving the problems we
are facing. On a related note, if you need, I did implement a
modification routine for mailman in mimedefang. Code published at
http
Am 2014-04-30 14:30, schrieb Mark Martinec:
I agree that a DMARC SpamAssassin plugin would be valuable.
Michael Storz wrote:
How about implementing it in Amavisd-new in addition (I couldn't
resist to ask here too :-)
I think it more naturally fits into SpamAssassin, contributing
to the final
Since Yahoo and AOL have moved to a DMARC policy of reject, mail
senders are changing the way they are sending their emails. Instead of
using the email address of an user in RFC5322.From they use their own
address and put the address of the user in the Reply-To field.
FREEMAIL_FORGED_REPLYTO
Am 2014-04-24 12:58, schrieb Axb:
On 04/24/2014 12:52 PM, Michael Storz wrote:
Since Yahoo and AOL have moved to a DMARC policy of reject, mail
senders
are changing the way they are sending their emails. Instead of using
the
email address of an user in RFC5322.From they use their own address
Am 2014-04-24 13:27, schrieb Axb:
On 04/24/2014 01:22 PM, Michael Storz wrote:
Am 2014-04-24 12:58, schrieb Axb:
On 04/24/2014 12:52 PM, Michael Storz wrote:
Since Yahoo and AOL have moved to a DMARC policy of reject, mail
senders
are changing the way they are sending their emails. Instead
Am 2014-04-24 14:31, schrieb Axb:
On 04/24/2014 02:20 PM, Michael Storz wrote:
Am 2014-04-24 13:27, schrieb Axb:
On 04/24/2014 01:22 PM, Michael Storz wrote:
Am 2014-04-24 12:58, schrieb Axb:
On 04/24/2014 12:52 PM, Michael Storz wrote:
Since Yahoo and AOL have moved to a DMARC policy
Am 2014-04-24 16:11, schrieb Benny Pedersen:
Michael Storz skrev den 2014-04-24 15:22:
I have answered that already, why this is not a good idea.
so
freemail_whitelist *@linkedin.com ?
Does not work:
rule:
meta FREEMAIL_FORGED_REPLYTO __freemail_hdr_replyto
!FREEMAIL_FROM
30 matches
Mail list logo