Have a look at MailScanner (http://www.mailscanner.info).
It has builtin phishing checks
Niek wrote:
> Eer, no. You can keep 0.49. Only if you upgrade netdns to the b0rked 0.50,
> you'll run into trouble. So either keep netdns @ 0.49 or upgrade to 0.51.
> Upgrading is not needed for sa 3.0.4 afaik.
>
> Niek Baakman
>
0.51 gives me the same problems :)
> /usr/bin/spamd -c -u spam >/var/log/test_spamd.
> `/bin/date +%Y%m%d%H%M`.log 2>&1 &
>
> The problem occured again, and I catched the following from
> spamd output
>>
What is the output of netstat?
Mr Michele Neylon
Blacknight Internet Solutions L
Bill Landry wrote:
Indeed! Better to look at something like http://countries.nerd.dk/more.html
for adding weight based on message source country. Here is a sample of how
to implement these in SA as RBL tests:
How accurate and up to date is that data?
--
Email scanned by Blacknight for viruses a
Scott Wertz wrote:
I think this is an easy question, but I haven't been able to find an
answer. If I'm using spamassassin 3, invoking it via procmail as just
'spamassassin' and testing for the result, and I trust that any message
carrying a URL that's listed on surbl.org or spamhaus.org is 100% sp
Although we have upgraded on most of our systems I am not too enthused with
the idea of touching our main gateway. It works, so I don't want to break
it.
Michele
Mr Michele Neylon
Blacknight Internet Solutions Ltd
Hosting, co-location & domains
http://www.blacknight.ie/
Tel. +353 59 913
to get that many. A score of 2.3 seems a bit severe just for having
> your computer clock wrong.
>
> thanks
I would disagree. On one server here I've got 1948 hits on that since the
first of January and none of them could be possibly mistaken for FPs.
Mr Michele Neylon
Bl
Gustafson, Tim wrote:
Hello
I know that it's generally frowned upon to actually "block" SPAMs (as
opposed to marking them as SPAM and letting the user decide) but my
company has some instances where we get things that are blatantly,
absolutely, unequivocally SPAM (think scores in excess of 100 poin
n there as well, so you run
a higher risk of FPs if you are not careful.
Mr Michele Neylon
Blacknight Internet Solutions Ltd
Hosting, co-location & domains
http://www.blacknight.ie/
Tel. +353 59 9137101
http://www.blacknight.ie/specialoffers.html
--
Email scanned by Blacknight for viruses
Andy Hester wrote:
I have just built a new spam filter with postfix/amavisd/spamassassin
to replace our old sendmail/mimedefang/spamassassin spam filter which
was buckling under the load. Can I copy the sa databases over to the
new filter to help my new filter learn? If not, any ideas on ho
Rob McEwen wrote:
> RE: mail server monitoring services
>
Rob
I don't know about services, but the software we use for all our servers is
called uptime. You can contact them on http://www.uptimesoftware.com/
HTH
Michele
Mr Michele Neylon
Blacknight Internet Solutions Ltd
We only reboot:
- when we absolutely have to ie. Machine is not behaving properly or has to
be physically moved
- when there is a kernel upgrade (same as above)
If the machine is behaving and you don't need to patch/upgrade the kernel
why reboot it?
Mr Michele Neylon
Blacknight Int
nform them that their mails are likely to be caught be email
filters or should we let them live on in blissful ignorance?
Any input would be appreciated.
TIA
Michele
Mr Michele Neylon
Blacknight Internet Solutions Ltd
Hosting, co-location & domains
http://www.blacknight.ie/
Tel. +
On Sat, 2004-11-06 at 13:57 -0600, Anton Krall wrote:
> Im using 3.0.. How do I get a hold of SURBLs ? Im still getting a lot of
> the vicodin and medicine spam mail :(
SURBL is a plugin. Look in your init.pre
--
Mr. Michele Neylon
Blacknight Solutions
Hosting, Co-location &a
Get rid of bigevil immediately!! It is no longer updated and kills servers
:)
If you are still running the 2.6* series use spamcop uri to add support for
SURBL
Mr Michele Neylon
Blacknight Internet Solutions Ltd
Hosting, co-location & domains
http://www.blacknight.ie/
Tel. +353 59 913
ck spam
>> server IP addresses, but instead to block messages based on
>
> Ouch, seems Jeff has problems with his setup. This is really old mail.
>
> Bye,
> Raymond.
I was wondering!
Mr Michele Neylon
Blacknight Internet Solutions Ltd
Hosting, co-location & domains
http
cy" in realising that they were gone I'd err in
favour of almost breaking the ruleset so people actually read the error
message...
That's just me though :)
Mr Michele Neylon
Blacknight Internet Solutions Ltd
Hosting, co-location & domains
http://www.blacknight.ie/
Tel. +353 59 913
deas?
I'd recommend you look into MailScanner (http://www.mailscanner.info) It
uses SA in combination with a number of other technologies and is used
by quite a few academic institutions
>
--
Mr Michele Neylon
Blacknight Solutions
http://www.blacknight.ie
059 9137101
--
Email scanned b
test whatever steps on the clean machine and
> then apply the same steps to the production server. In the
> worst case I'll end up with a new machine for handling all of our
> email (not a bad thing).
>
> Thanks in advance and sorry for the long post...
>
> Kevin
When
[EMAIL PROTECTED] wrote:
> Add
>
> FORGED_MUA_OUTLOOK 0.00
>
> in your local.cf file
Thanks - exactly what I needed :)
/me kicks himself
I really *should* have seen that
Mr Michele Neylon
Blacknight Internet Solutions Ltd
Hosting, co-location & domains
http://www.black
ion of our
clients.
Can anyone suggest a temporary remedy for this?
Regards
Michele
Mr Michele Neylon
Blacknight Internet Solutions Ltd
Hosting, co-location & domains
http://www.blacknight.ie/
Tel. +353 59 9137101
--
Email scanned by Blacknight for viruses and dangerous conte
ersions, you could probably do this with a plugin.)
>
If you used MailScanner you could achieve this without any headaches at
all :)
--
Mr Michele Neylon
Blacknight Solutions
http://www.blacknight.ie
059 9137101
--
Email scanned by Blacknight for viruses and dangerous content.
Visit http://www.blacknight.ie for more information
grading back to 'working' version
> should anything go wrong
>
It's possible - I've done it :)
Mr Michele Neylon
Blacknight Internet Solutions Ltd
Hosting, co-location & domains
http://www.blacknight.ie/
Tel. +353 59 9137101
--
Email scanned by Blacknight
SpamCopURI version, and the latter matches the SURBL
> back-end behavior more closely. However, this is really a
> subject for Jeff Chan.
The SURBL data contains domains as far as I can see from looking at our
local copies
M
Mr Michele Neylon
Blacknight Internet Solutions Ltd
Hostin
ADMIN_miki wrote:
>
> this machine is located inside DMZ
> any ideas why are these problems ?
> Thank you
> Miki
The obvious question I would ask is are you allowing connections outgoing ?
ie. Is your firewall open on the required ports?
Mr Michele Neylon
Blacknight Interne
we get from clients,
prospective clients, suppliers etc., I would be very wary of penalising
anyone due to spelling - we'd all lose business!!
M
Mr Michele Neylon
Blacknight Internet Solutions Ltd
Hosting, co-location & domains
http://www.blacknight.ie/
Tel. +353 59 9137101
--
Email scanned by Blacknight for viruses and dangerous content.
Visit http://www.blacknight.ie for more information
vendorlib='/u
> INSTALLSCRIPT = /usr/bin
> PERL_LIB = /usr/lib/perl5/5.8.0
> PERL_ARCHLIB = /usr/lib/perl5/5.8.0/i386-linux-thread-multi
> SITELIBEXP = '/usr/lib/perl5/site_perl'
> sit <-- is this right ?
> SITEARCHEXP = /usr/lib
)
Which version of MailScanner are you using?
The more recent releases have been patched to address this anomaly
--
Mr Michele Neylon
Blacknight Solutions
http://www.blacknight.ie
059 9137101
--
Email scanned by Blacknight for viruses and dangerous content.
Visit http://www.blacknight.ie for more information
install
>make had returned bad status, install seems impossible
>
> Now, I know, NOTHING's impossible.
>
> If this is beyond the scope of this list, I understand. But
> if anyone has any tips, I'm all ears. We're at 2.64 right now.
>
> Thanks,
>
body using SA 2.6* should use spamcop URI :)
Michele
Mr Michele Neylon
Blacknight Internet Solutions Ltd
Hosting, co-location & domains
http://www.blacknight.ie/
Tel. +353 59 9137101
--
Email scanned by Blacknight for viruses and dangerous content.
Visit http://www.blacknight.ie for more information
> overhead, but it's better for 3.0 installations to avoid the
> x30 files.
>
> Bob Menschel
Bob
Thanks for the clarification :)
Michele
Mr Michele Neylon
Blacknight Internet Solutions Ltd
Hosting, co-location & domains
http://www.blacknight.ie/
Tel. +353
Bayes brings the potential FPs back into line with
reality
We use a much higher threshold than you do and block very effectively :)
Mr Michele Neylon
Blacknight Internet Solutions Ltd
Hosting, co-location & domains
http://www.blacknight.ie/
Tel. +353 59 9137101
--
Email scanned by Blacknight for viruses and dangerous content.
Visit http://www.blacknight.ie for more information
s from Rules Emporium with rules du jour
previously, so I'd like to know which ones I can remove and which ones I
should keep.
Thanks in advance
Michele
Mr Michele Neylon
Blacknight Internet Solutions Ltd
Hosting, co-location & domains
http://www.blacknight.ie/
Tel. +353 59 9137101
--
Email scanned by Blacknight for viruses and dangerous content.
Visit http://www.blacknight.ie for more information
ive them low scores, but I don't
> know what all of them are, and that just seems the wrong way to go about it.
>
> What to do here???
>
> -Quinn
>
You should increase your spam threshold instead of trying to adjust the
scores assigned to dynamic IPs.
>
--
Mr M
I thought i was but i am getting
>
> /usr/bin/rules_du_jour: line 121: [: too many arguments
>
> So no updates it seems :(
>
> Mark
Run it directly from the command line:
./rules_du_jour
If you get a "too many arguments" error there is something either wrong with
y
second was to [EMAIL PROTECTED]
>
> I do get other drug emails but the low score on these 2 worry me.
>
> Mark
Mark
Are you using SURBL?
Michele
Mr Michele Neylon
Blacknight Internet Solutions Ltd
Hosting, co-location & domains
http://www.blacknight.ie/
Tel. +353 59 9137101
Test.
--
Email scanned by Blacknight for viruses and dangerous content.
Visit http://www.blacknight.ie for more information
On Tue, 2004-09-14 at 14:53 -0700, Kenneth Porter wrote:
> --On Tuesday, September 14, 2004 10:00 PM +0100 "Michele Neylon::Blacknight
> Solutions" <[EMAIL PROTECTED]> wrote:
>
> > As I already said, other lists allow people to choose.
>
> What list softwa
On Tue, 2004-09-14 at 14:53 -0700, Kenneth Porter wrote:
> --On Tuesday, September 14, 2004 10:00 PM +0100 "Michele Neylon::Blacknight
> Solutions" <[EMAIL PROTECTED]> wrote:
>
> > As I already said, other lists allow people to choose.
>
> What list softwa
uot;
Choice is always best
--
Mr. Michele Neylon
Blacknight Solutions
Hosting, Co-location & Domain Registration
http://www.blacknight.ie/
Tel. +353 (0)59 9137101
--
Email scanned by Blacknight for viruses and dangerous content.
Visit http://www.blacknight.ie for more information
uot;
Choice is always best
--
Mr. Michele Neylon
Blacknight Solutions
Hosting, Co-location & Domain Registration
http://www.blacknight.ie/
Tel. +353 (0)59 9137101
--
Email scanned by Blacknight for viruses and dangerous content.
Visit http://www.blacknight.ie for more information
On Tue, 2004-09-14 at 14:14 -0700, Bret Miller wrote:
>
> I don't expect the policy will change, so I'll eventually find another
> visual way to deal with it.
And who decides the policy?
--
Mr. Michele Neylon
Blacknight Solutions
Hosting, Co-location & D
On Tue, 2004-09-14 at 14:14 -0700, Bret Miller wrote:
>
> I don't expect the policy will change, so I'll eventually find another
> visual way to deal with it.
And who decides the policy?
--
Mr. Michele Neylon
Blacknight Solutions
Hosting, Co-location & D
On Tue, 2004-09-14 at 13:52 -0700, Kenneth Porter wrote:
> --On Tuesday, September 14, 2004 9:33 PM +0100 "Michele Neylon::Blacknight
> Solutions" <[EMAIL PROTECTED]> wrote:
>
> > Having a simple prefix in the subject line makes life a lot
> > easier.
&
On Tue, 2004-09-14 at 13:52 -0700, Kenneth Porter wrote:
> --On Tuesday, September 14, 2004 9:33 PM +0100 "Michele Neylon::Blacknight
> Solutions" <[EMAIL PROTECTED]> wrote:
>
> > Having a simple prefix in the subject line makes life a lot
> > easier.
&
would not be hard to implement.
Maybe I'm missing something
--
Mr. Michele Neylon
Blacknight Solutions
Hosting, Co-location & Domain Registration
http://www.blacknight.ie/
Tel. +353 (0)59 9137101
--
Email scanned by Blacknight for viruses and dangerous content.
Visit http://www.blac
> Hi!
>
>> Spammer apparently is using [EMAIL PROTECTED] in the FROm field
>> of
>> the emails he is sending out. Domain is one of my customers virtual
>> domain,
>> spammer made up the username in the email address. Now I am getting
>> burried
>> by mail notifications returning to sender...obvi
not 100% sure about 2.61, but I know that older versions of SA do
not recognise Outlook 2003 as a valid MUA and score accordingly
--
Mr Michele Neylon
Blacknight Solutions
http://www.blacknight.ie
059 9137101
--
Email scanned by Blacknight for viruses and dangerous content.
Visit http://w
Which blogger are you using?
I moved my own blog over to Wordpress a couple of months ago and I haven't
had any issues with comment spammers since.
Mr Michele Neylon
Blacknight Internet Solutions Ltd
Hosting, co-location & domains
http://www.blacknight.ie/
Tel. +353 59 9137101
101 - 149 of 149 matches
Mail list logo