Hello Thomas,
This might help too:
These failures are often due to SPFs that have a hard fail (meaning they end
with ‘-all’). When I dealt with this in the past, the original sending domain
was one where we could modify the SPF. So we had the email sender change “-all”
to “~all” and since that
Hello ^^)
Le 02/09/2021 à 20:49, Bill Cole a écrit :
On 2021-09-02 at 06:03:22 UTC-0400 (Thu, 2 Sep 2021 12:03:22 +0200)
Jean-François Bachelet
is rumored to have said:
Hello folks ^^)
I've installed the latest spamassassin version on a new Debian 11
server and configured it to work with
7;tip of the hat' towards
diversity.
Judy.
From: Bill Cole
Sent: 10 July 2020 21:21
To: users@spamassassin.apache.org
Subject: Re: IMPORTANT NOTICE FOR PEOPLE RUNNING TRUNK re: [Bug 7826] Improve
language around whitelist/blacklist and master/slave
On 10 Ju
$0.02 from a woman of colour ...
I personally find stuff like this just a little bit patronising ... more of a
matter of kicking the real problem into the weeds than actually doing anything
practical to 'fix' it.
Right up there with Mercedes decision to paint their $100 Million F1 cars black.
a domain name renewal.
On 5/23/2020 2:33 PM, Matus UHLAR - fantomas wrote:
>>> On Sat, 23 May 2020 at 09:55, hospice admin
>>> wrote:
>>> > Looks like DCC/Rhyolite has stopped working. First noticed problems
>>> > around 19:30 last night UK time.
>&g
Hi Gang,
Looks like DCC/Rhyolite has stopped working. First noticed problems around
19:30 last night UK time.
Problem seems to be that DNS for dcc-servers.net has gone away. Have checked
with the likes of mxtoolbox and intoDNS and they appear to agree.
When I do a 'whois' for the domain I noti
I noticed the same thing this morning. This is new for me as of
yesterday. They appear legit, but they get caught up in my filters for
the dyn ip "appearance".
From: Kenneth Porter
Sent: Saturday, October 5, 2019 10:05 AM
To: users@spamassassin.apache.org
Sub
erver/hmailserver/issues/115
(Fyi Your question put to the hmailserver forum would have answered this
for you.)
On 27 July 2018 10:08:22 BST, Admin wrote:
OK. That explains why I've seen it that way in some examples online.
I'm running hmailserver. Thanks.
ort
they are there
let me guess you use dbmail?
blame gmime at message reconstrcut time
Am 27.07.2018 um 00:44 schrieb Admin:
Hello. I was wondering if there is a setting to force line breaks in
X-Spam-Report. It’s kind of a trivial issue, but it would be so much
easier to read. Like b
Hello. I was wondering if there is a setting to force line breaks in
X-Spam-Report. It's kind of a trivial issue, but it would be so much easier
to read. Like below as an example (that I manually altered). Many thanks.
X-Spam-Report:
* 1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in
ianne Skoll wrote:
>
> > On Fri, 11 Aug 2017 15:27:52 +0000
> > hospice admin wrote:
> >
> > > text = "v=spf1 exists:%{i}._spf.xyz.com ~all"
> > > What I'd like to do is turn this into an RBL check, but
> > > eval:check_rbl('Evil-E
Hi Team,
There's a particularly annoying ESP bugging us. Their clients always include a
reference to them in their SPF records, which look something like this:
text = "v=spf1 exists:%{i}._spf.xyz.com ~all"
So, if a message is dropped from 1.2.3.4
nslookup 1.2.3.4._spf.xyz.com
returns
Thanks.
From: Kevin Golding
Sent: 27 July 2017 14:41
To: users@spamassassin.apache.org
Subject: Re: Mail::SpamAssassin::Plugin::EmailBL??
On Thu, 27 Jul 2017 08:28:06 +0100, hospice admin
wrote:
> the above plugin doesn't seem to be distributed
Hi,
the above plugin doesn't seem to be distributed with the version of
SpamAssassin I'm running:
spamassassin --version
SpamAssassin version 3.4.0
running on Perl version 5.16.3
Also, I can't find mention of a download location anywhere.
Am I right in thinking this was an experiment that
Hey there,
We have a couple of user accounts (really, role aliases) that need a
different required_score from our global defaults. Since they're role
accounts, they don't have a homedir. We're using a milter that passes the
whole username (including domain name) along, anyway.
Is there a d
Guys,
I've been beating my head against a problem for a couple of days now ... maybe
someone can point me in the right direction ...?
I'm running SA 3.4.1 on Fedora 22. I think this problem started happening when
I upgraded from 3.4.0 on Fedora 21. In both cases, SA is running from within
MimeD
Hey all,
The Day Job (and some of you may know what job that is) does enough PGP
related stuff that we've had encrypted messages get dropped on occasion,
and we'd like to whitelist this stuff.
It looks like Mail::Spamassassin::Plugin::OpenPGP is way way old and has
requirements that aren't e
> Date: Sat, 7 Jun 2014 13:43:37 +0200
> From: axb.li...@gmail.com
> To: users@spamassassin.apache.org
> Subject: Re: Advice re- SA 3.4.0
>
> On 06/07/2014 01:33 PM, hospice admin wrote:
> >
> >
> >
> >> Date: Sat, 7 Jun 2014 13:22:13 +
> Date: Sat, 7 Jun 2014 13:22:13 +0200
> From: axb.li...@gmail.com
> To: users@spamassassin.apache.org
> Subject: Re: Advice re- SA 3.4.0
>
> On 06/07/2014 01:09 PM, hospice admin wrote:
> > I was wondering about this one and had put it to one side until I had
>
> Date: Sat, 7 Jun 2014 12:49:32 +0200
> From: axb.li...@gmail.com
> To: users@spamassassin.apache.org
> Subject: Re: Advice re- SA 3.4.0
>
> On 06/07/2014 12:19 PM, hospice admin wrote:
> > Just wondering if anyone had any advice along the lines "you really
&g
Hi Team,
Ive finally completed the upgrade of all my mail servers from FC18 + SA 3.3.2 +
Perl 5.15.3 to FC20 + SA 3.4.0 + Perl 5.18.2. I run SA from within MineDefang
2.74 in both cases.
I've simply moved across all the rules and plug-ins I used 3.3.2 to 3.4.0, and
during our beta testin
> Date: Thu, 22 May 2014 17:13:24 -0700
> From: jdeb...@garlic.com
> To: users@spamassassin.apache.org
> Subject: Re: Mystery SpamWare
>
> On Thu, 22 May 2014 18:23:48 +0100
> hospice admin wrote:
>
>> Hi Team,
>>
>
Hi Team,
All of a sudden I've started noticing a lot of spam coming in with some fairly
unique headers like this:
x-track-version: 4
x-track-source: notifire_XXX
x-track-spooler-id:
x-track-spooler-split-id:
x-track-spooler-segment-id:
x-render: render-
Precedence: bulk
x-trac
All,
Most of my users aren't command-line friendly. I'd like to basically have
my IMAP server default to handing out two imap mailboxes that get
auto-crontabbed to training bayes.
Ideally, I'd also like to make it so that things dropped in the learn_spam
folder are deleted, and stuff in the
Hi Team,
I was wondering what folks were doing with SPF_FAIL , TO_EQ_FM_SPF_FAIL and
TO_EQ_FM_DOM_SPF_FAIL these days?
I personally have never seen an FP with any, but understand from the reading
I've done that some people do.
My approach has always been to combine with DCC/Pyzor/Razor h
> From: hospice...@outlook.com
> To: users@spamassassin.apache.org
> Subject: RE: Detecting very recently registered domain names
> Date: Mon, 6 Jan 2014 13:45:07 +
>
>
>> Date: Mon, 6 Jan 2014 12:26:08 +
>> F
> Date: Mon, 6 Jan 2014 12:26:08 +
> From: andrew.he...@aaisp.net.uk
> To: users@spamassassin.apache.org
> Subject: Re: Detecting very recently registered domain names
>
> On Thu, 19 Dec 2013 10:02:39 -0500
> Joe Quinn wrote:
>
>> We are noticing a lot
> From: lcon...@go2france.com
> To: users@spamassassin.apache.org
> Subject: dns*.registrar-servers.com as a rogue registrar?
> Date: Tue, 7 May 2013 13:15:24 -0500
>
>
> Nearly all of the .pw domains have their authoritative NS at
> dns*.registrar-servers.com.
>
> that registrar and few othe
http://www.nominet.org.uk/whoweare/structure/agm/board-election
It would be great if someone from our community (ideally wiser them me), could
get elected.
Judy.
> Date: Wed, 1 May 2013 16:34:48 +0200
> From: axb.li...@gmail.com
> To: users@spamassassin.apache.org
> Subject: Re: .pw / Palau URL domains in spam
>
> On 05/01/2013 04:28 PM, hospice admin wrote:
> > I don't care what some folks are saying about .pw, compared
I don't care what some folks are saying about .pw, compared to Nominet they
totally rock.
When was the last time anyone saw Nominet suspend a .UK spammer?
Judy
> Date: Wed, 1 May 2013 06:58:41 -0700
> From: dones...@directi.com
> To: users@spamassassin.apache.org
> Subject: Re: .pw / Palau URL do
> Date: Wed, 24 Apr 2013 13:13:30 -0400
> From: b...@indietorrent.org
> To: users@spamassassin.apache.org
> Subject: Re: Seminar Spam
>
>
>
> On 4/24/2013 12:12 PM, hospice admin wrote:
> > Hi,
> >
> > we're having problems with an outfit
Hi,
we're having problems with an outfit called 'Bite Sized Seminars' in the UK,
who seem to be sending mail out through another company called 'Communicado'. A
quick google suggests we aren't the only ones.
We have developed a number of rules that identify their mail by looking for
their phone
On Sun, 24 Mar 2013, Mark Martinec wrote:
On Sunday March 24 2013 05:57:49 Dan Mahoney, System Admin wrote:
sa-update also uses a mirror file which lists all of the URLs where the
update can be downloaded from, optionally including weights for different
mirrors.
But there's no documentati
Hey there.
The SA wiki says:
sa-update also uses a mirror file which lists all of the URLs where the
update can be downloaded from, optionally including weights for different
mirrors.
But there's no documentation or examples given for weighting. Anyone
closer to the code know what this wou
On Fri, 8 Mar 2013, Axb wrote:
On 03/08/2013 04:46 PM, Dan Mahoney, System Admin wrote:
Hey there all,
It seems a pretty core function in SA is the ok_languages and ok_locales
function.
I'd like to be able to turn on LOGGING of detected locales before I set
which are "ok" (
On Fri, 22 Feb 2013, Kevin A. McGrail wrote:
On 2/22/2013 3:27 PM, David F. Skoll wrote:
On Fri, 22 Feb 2013 12:20:22 -0800
Marc Perkel wrote:
We need a rule to catch this. It looks like more data than it is but
it's really little more than a single link. Like to see a rule that
identifies i
Hey there all,
It seems a pretty core function in SA is the ok_languages and ok_locales
function.
I'd like to be able to turn on LOGGING of detected locales
before I set which are "ok" (or specifically, which are "less ok")
I'm sure there's a knob for this somewhere, can anyone tell me wher
I was in the process of "linting" my SA config when I discovered that the
pyzor servers are handing back this response to all commands:
/usr/local/bin/pyzor --homedir /usr/local/etc/mail/spamassassin/.pyzor
ping
public.pyzor.org:24441 (401, 'Unauthorized: User is not authorized to
request the
On Tue, 19 Feb 2013, Andrzej A. Filip wrote:
On 02/19/2013 08:53 PM, Dan Mahoney, System Admin wrote:
On Tue, 19 Feb 2013, Andrzej A. Filip wrote:
On 02/19/2013 03:47 AM, Dan Mahoney, System Admin wrote:
Spamcop has an undocumented feature that they allow you (if they trust
you) to "
On Tue, 19 Feb 2013, Kevin A. McGrail wrote:
On 2/18/2013 9:47 PM, Dan Mahoney, System Admin wrote:
Hey there,
Spamcop has an undocumented feature that they allow you (if they trust you)
to "quick report" spam, where you send to a different mail address, and
it's reported ins
On Tue, 19 Feb 2013, Andrzej A. Filip wrote:
On 02/19/2013 03:47 AM, Dan Mahoney, System Admin wrote:
Spamcop has an undocumented feature that they allow you (if they trust
you) to "quick report" spam, where you send to a different mail address,
and it's reported instantly, wi
Hey there,
Spamcop has an undocumented feature that they allow you (if they trust
you) to "quick report" spam, where you send to a different mail address,
and it's reported instantly, without having to hit the web interface.
When you do this, you are still free to report spam in the usual way
On Tue, 25 Sep 2012, Kevin A. McGrail wrote:
On 9/25/2012 5:02 PM, Dan Mahoney, System Admin wrote:
I mentioned this on the mailing lists a few years ago.
I notice that there still doesn't seem to be a clean way to just make spamd
listen on all (v4 and v6) addresses by default, nor is
On Tue, 25 Sep 2012, Kevin A. McGrail wrote:
On 9/25/2012 5:02 PM, Dan Mahoney, System Admin wrote:
I mentioned this on the mailing lists a few years ago.
I notice that there still doesn't seem to be a clean way to just make spamd
listen on all (v4 and v6) addresses by default, nor is
All,
I mentioned this on the mailing lists a few years ago.
I notice that there still doesn't seem to be a clean way to just make
spamd listen on all (v4 and v6) addresses by default, nor is there a way
to listen on multiple addresses with multiple -A options.
This means that if you want to
Greetings,
I've spent many hours spread out over weeks scouring the Internet and
message archives and FAQs and such, and am unable to find a solution to
the problem I'm having.
I have a Postifx+AmavisNew+SpamAssassin+ClamAV setup for my mail
server. It's all running on Ubuntu Server 10.04 LT
On Sat, 6 Nov 2010, David F. Skoll wrote:
On Sat, 06 Nov 2010 00:41:53 -0700
Bill Landry wrote:
You could also test the envelope sender:
header SPAMHAUS_ENV eval:check_rbl_envfrom('SPAMHAUS_ENV',
'_vouch.dwl.spamhaus.org.')
But that's an abuse... you should not be using Vouch-by-r
On Wed, 3 Nov 2010, John Hardin wrote:
On Wed, 3 Nov 2010, Pat Traynor wrote:
I've been running Spamassassin on my linux server for some time, and I
use Pine to read my mail.
Hello, fellow fossil!
Aah, yonder fossils. I've found, by the way, that if you're not using
Alpine, you sure shou
All,
Has anyone come up with a ruleset yet to score against the new spamhaus
whitelists, and deduct points appropriately?
-Dan
--
"Let me tell you something about regrowing your dead wife Lucy, Harry.
It's probably illegal, potentially dangerous, and definitely crazy."
-Harry nods-
Vincent
Hey there,
I just enabled pyzor as part of spamassassin (freebsd 6.4, pyzor built
from ports), and occasionally get this message in my logs:
Jul 9 05:40:59 quark spamd[11607]: spamd: connection from prime.gushi.org
[72.9.101.130] at port 51280
Jul 9 05:40:59 quark spamd[11607]: spamd: proce
On Thu, 8 Jul 2010, Karsten Bräckelmann wrote:
On Wed, 2010-07-07 at 18:09 -0400, Dan Mahoney, System Admin wrote:
It seems the only way to pass a preference from spamc to spamd is by
having a different user-id.
In my specific case, I'd like to report to spamcop using their "quic
All,
It seems the only way to pass a preference from spamc to spamd is by
having a different user-id.
In my specific case, I'd like to report to spamcop using their "quick" UID
for some mails, but keep all my preferences otherwise the same (so I still
get the benefits of bayes, dcc, awl, etc
Hey all,
In my spamc config file I have:
-d 72.9.101.140
-l
--connect-retries=10
--retry-sleep=30
However, procmail scripts that I was using to report, via "spamc -C
report", were simply returning the message.
When I added -d 72.9.101.140, the message was properly reported.
The manpage stat
On Mon, 5 Jul 2010, Karsten Bräckelmann wrote:
On Mon, 2010-07-05 at 02:31 -0400, Dan Mahoney wrote:
The greater problem is, that if for some reason spamassasin doesn't run
(for example, a spamc timeout(*)) it produces exactly the same effect.
Is there a way to have spamassasin/dspamd not scan
Hey all,
From what I've gathered, there's both a recommended way to call
spamassassin/spamd from procmail with a message-size-limit, as well as an
overrideable builtin-default (-s option to spamc).
These both cause the usual spamassasin headers to be missing from
messages.
The greater prob
On Mon, 28 Jun 2010, Yet Another Ninja wrote:
On 2010-06-28 11:33, Dan Mahoney, System Admin wrote:
> Hey there,
>
> Perhaps this is by design, but rt replies are, strictly speaking, not
> bounce messages.
>
> Message attached, let me know if it looks "normal".
&
On Mon, 28 Jun 2010, Karsten Bräckelmann wrote:
On Sun, 2010-06-27 at 16:52 -0400, Dan Mahoney, System Admin wrote:
Can spamc do this, or must it be forked to "tee" or something.
Ideally I'd like to both report and learn in a single step (such as in a
pipe from alpine
Hey there,
Perhaps this is by design, but rt replies are, strictly speaking, not
bounce messages.
Message attached, let me know if it looks "normal".
-Dan
--
Dan Mahoney
Techie, Sysadmin, WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144 AIM: LarpGM
Site: http://www.gu
Can spamc do this, or must it be forked to "tee" or something.
Ideally I'd like to both report and learn in a single step (such as in a
pipe from alpine). I note that spamassassin -r also has the option to
learn (by default!), but spamc doesn't for some reason. Or if it does,
the manpage neg
I previously asked this question and was told the best answer might be to
wait for 3.3.
Was there ever support ratified for ipv6 including proper -A ipv6 access
lists, and proper ability to listen on both the ipv6 default and the v4
default at the same time, when specifying -i?
I'm not sure
Have tried upgrading Spamassassin 3.2.5 to 3.3.1 and the result was a disaster.
Currently have the spamassin* of one version and perl-Mail-spamassassin* of
another. Running "rpm -e spam*" I get the following error:
error: package spamassassin-3.2.5-1.x86_64.rpm is not installed
error: package
case with sendmail logs).
-Dan
On Sat, 26 Dec 2009, Dan Mahoney, System Admin wrote:
Hey there,
Background: Sendmail with spamd running on a different box, spamc called
from global procmail file.
I'm doing some nightly log-combing to look for interesting patterns,
including against o
Hey there,
Background: Sendmail with spamd running on a different box, spamc called
from global procmail file.
I'm doing some nightly log-combing to look for interesting patterns,
including against other network traffic (like erroneous DNS lookups, I
think I might be on to something).
Howe
Hi there,
Any clues how I can fix the following error?
sa-learn is failing
$ sa-learn --no-sync --spam --mbox ~/mail/Spam
bayes: cannot open bayes databases /home/user/.spamassassin/bayes_* R/O:
tie failed:
bayes: cannot open bayes databases /home/user/.spamassassin/bayes_* R/O:
tie failed: Ba
Jari Fredriksson wrote:
Hi there,
Some spam is getting past the spamassassin. So I;d like to devise a
scheme where I manually place the emails not caught by spamassass in my
'spam-mail' folder. Is there any way to get spamassassin to process the
contents of the folder so I those accepted messa
Hi there,
Some spam is getting past the spamassassin. So I;d like to devise a
scheme where I manually place the emails not caught by spamassass in my
'spam-mail' folder. Is there any way to get spamassassin to process the
contents of the folder so I those accepted messages are considered spa
Hi there,
I do not see spamassassin processing information in the SMTP header of
incoming messages. So I am fairly sure that the processing is not
working. I am hoping to get the postfix->procmail->spamc processing
path working system-wide. I need some help though since it is not working.
On Mon, 27 Apr 2009, Jo Rhett wrote:
On Apr 27, 2009, at 1:16 PM, Dan Mahoney, System Admin wrote:
The problem exists now, there is PNG spam, and there will continue to be,
because it gets through. Right now the only way I find this blocked is if
spamcop blocks it.
Just as a point of
On Mon, 27 Apr 2009, Henrik K wrote:
Nothing of this makes sense. If you don't have a test server, too bad. If
you don't trust the "score-changing values" too bad. It all worked for me.
It's a great idea, but I'd like to see it mature some first, especially
with respect to its documentation, te
Hey all,
While there's a decent amount of spamassassin list traffic to imply
otherwise, is the SA project falling dormant?
the sare-rules claim they won't be updated due to lives, wives, and
hockey.
the fuzzyOCR project claims the only thing that works with 3.2 is the SVN
version, and on t
On Sat, 25 Apr 2009, John Hardin wrote:
On Sat, 25 Apr 2009, Gary Forrest wrote:
We are receiving the same image spam many times, random text within the
body.
FuzzyOCR. It seems Spammers are trying image spam again, after giving up on
it for a year or so.
Is there a version of FuzzyOCR th
On Fri, 5 Dec 2008, Dan Mahoney, System Admin wrote:
Also, sorry about the subject headers. I think I've fixed my procmail
recipe.
-Dan
--
"I love you forever eternally."
-Connaian Expression
Dan Mahoney
Techie, Sysadmin, WebGeek
Gushi on efnet/u
On Wed, 3 Dec 2008, SM wrote:
At 18:23 02-12-2008, Byung-Hee HWANG wrote:
Are you using FreeBSD or NetBSD? If so, i understand you. Unfortunately, SA
developers do not care about IPv6 yet. So here SA program at first do
action with "127.0.0.1" than "::1", i guess ;;
This was tested on a BSD
On Mon, 1 Dec 2008, SM wrote:
At 23:01 30-11-2008, Dan Mahoney, System Admin wrote:
So then, you're saying the behavior for ipv4 and ipv6 is somehow different?
If you start spamd without specifying the IP addresses to listen on, spamd
will listen on the 127.0.0.1 IP address only.
A
On Sun, 30 Nov 2008, SM wrote:
At 21:45 30-11-2008, Dan Mahoney, System Admin wrote:
Since getting my hosts natively speaking ipv6, I've been seeing a lot of
initial timeouts connecting to spamc, because I believe it's apparently
trying ipv6 first.
spamc: connect to spamd on 200
Since getting my hosts natively speaking ipv6, I've been seeing a lot of
initial timeouts connecting to spamc, because I believe it's apparently
trying ipv6 first.
spamc: connect to spamd on 2001:470:1f07:a7f::1 failed, retrying (#1 of
3): Connection refused
spamc: connect to spamd on 2001:470
On Sun, 20 Apr 2008, Theo Van Dinter wrote:
On Sun, Apr 20, 2008 at 12:39:29PM -0400, Dan Mahoney, System Admin wrote:
Can someone do a spam-versus-ham comparison for included links to
blogger.com (I don't have the corpus handy, nor do I know how to set up a
"proper" test.)
Hello all,
A lot of the spam I'm seeing sneak past spamassassin has a blogger url in
it (this seems to be a new favorite for spammers).
I've got about 200 such spams that have managed to sneak past (no idea how
many of the 2 spams in my confirmed-kills folder also match).
So, that said:
Details on configuration. Both machines, ma1 and ma2 are identical.
We are running:
sendmail
spamhaus.org blacklist which rejects the majority of mail so
SpamAssassin does not have to process that chunk of mail.
spamd (spamassassin) - 2 instances of spamd on each machine.
mimedefang
clamav
a f
bout 1.5 Gig of this. Swap usage is the same on both machines at
500M each.
Thanks for the suggestions. They are good factors to consider.
Dan Zachary
Kris Deugau wrote:
Spam Admin wrote:
I have two mail servers running Spamassassin. One is running 3.1.9
and the other 3.2.4, both with
I have two mail servers running Spamassassin. One is running 3.1.9 and
the other 3.2.4, both with the same set of local rules, plus the
standard rules that come with each version.
The 'load' on the processors for 3.2.4 is about *4 times more *than the
'load' on 3.1.9.
Do others have the sam
--
"Man, this is such a trip"
-Dan Mahoney, October 25, 1997
Dan Mahoney
Techie, Sysadmin, WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144 AIM: LarpGM
Site: http://www.gushi.org
---
On Fri, 26 Oct 2007, Matthias Leisi wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alex Woick schrieb:
[Spamcop]
I understand the two step reporting process too, and I too find it
annoying and timeconsuming to ack my (manually reviewed) 50 spams per
day to them, so I ceased to do it. T
On Wed, 17 Oct 2007, ram wrote:
Sorry I meant "like spamcop" .. I think I must proof-read my own mail
now before Ctrl-Enter :-)
The problem with SpamCop is: the two step reporting process makes things a
bear to do. I understand the logic behind it, but once or twice I've
taken a couple hund
Hey all,
In looking through my sendmail logs, I've found that some connecting mail
servers actually are correctly configured with a signed, valid cert from
one of the major CA's.
Is there a rule that can match this, on sendmail, based on the connecting
ip on your network edge?
This could b
On Wed, 17 Oct 2007, Alex Woick wrote:
Matthias Leisi schrieb am 17.10.2007 09:46:
Correct. But by setting (in your local.cf or equivalent)
| trusted_networks 204.9.177.18
you are telling SpamAssassin that this relay is not operated by a
spammer and that it should apply all black-/whitelist
On Wed, 17 Oct 2007, Matthias Leisi wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dan Mahoney, System Admin schrieb:
Livejournal's purely a mail forwarding service (i.e. there's no way to
POP/IMAP that account)
As far as I know, there are mails originating from LJ
On Wed, 17 Oct 2007, Matthias Leisi wrote:
I forwarded over 200 of them earlier today (as an attachment -- total
email size was about one meg).
OK, I now could have a look at them (well, a sample of them, not each of
the > 200 individually).
All samples in that set have been forwarded through
On Wed, 17 Oct 2007, Henrik Krohns wrote:
On Wed, Oct 17, 2007 at 02:48:49AM -0400, Dan Mahoney, System Admin wrote:
On Wed, 17 Oct 2007, Henrik Krohns wrote:
On Tue, Oct 16, 2007 at 06:16:49PM -0400, Dan Mahoney, System Admin wrote:
dnswl.org is either full of it, or not well maintained
On Wed, 17 Oct 2007, Henrik Krohns wrote:
On Tue, Oct 16, 2007 at 06:16:49PM -0400, Dan Mahoney, System Admin wrote:
dnswl.org is either full of it, or not well maintained.
I've gotten at least 20 spams which I see are listed in dnswl.org as "low
trust" (which still merits -1
On Wed, 17 Oct 2007, Matthias Leisi wrote:
I forwarded over 200 of them earlier today (as an attachment -- total
email size was about one meg).
It would have been from this address.
-Dan
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dan Mahoney, System Admin schrieb:
dnswl.org is
dnswl.org is either full of it, or not well maintained.
I've gotten at least 20 spams which I see are listed in dnswl.org as "low
trust" (which still merits -1.0).
Could we maybe please add a feature to spamassassin -r (or some other hook
to the generic whitelisting code) which reports this t
On Wed, 10 Oct 2007, David B Funk wrote:
On Tue, 9 Oct 2007, Jo Rhett wrote:
On Oct 9, 2007, at 4:22 PM, Chris Edwards wrote:
Your server then enforces encryption and SMTP-AUTH, and the SSL will
(hopefully) defeat any man-in-the-middle attacks by trans-proxies.
That's exactly the problem I
On Wed, 10 Oct 2007, Bret Miller wrote:
sa-update does NOT feed a local blocklist generated by *my*
particular
corpus of spam emails. Think of it as the RBL equivalent of
sitewide-bayes. Or think of it as a way of SA saying "when
I get twelve
spams of score 10+ from ip 208.23.118.172...I w
In pseudocode...
IF (message is a recognizable bounce || message is from <>)...
AND (we can guess the domain being sent to (can't trust the "to" header,
but maybe the X-Envelope-To or some MTA token?)
AND the domain being sent TO supports SPF and/or DKIM...(i.e. implying a
misdirected bounce
On Tue, 9 Oct 2007, Steven Kurylo wrote:
Parsing the SA logs would be easy, but the connecting IP isn't listed
there.
As I mentioned, I'm parsing exim's logs. It contains the spam score and the
IP address.
Oh, that's true enough. I was musing on parsing my own logfiles as
opposed to plugi
On Tue, 9 Oct 2007, Steven Kurylo wrote:
Or think of it as a way of SA saying "when I get twelve spams of score 10+
from ip 208.23.118.172...I will feed the auto-expiring RBL, which
*SENDMAIL* works off of, thus keeping my *SPAMASSASSIN* load lower. Thus a
spam deluge via a dictionary attack
On Mon, 8 Oct 2007, Rob McEwen wrote:
Therefore, I recommend that you re-think your choices here! Don't let your
quest for "guaranteed long-term perfection" keep you from making
**substantial** progress today!
Rob,
Then help rally the SA team to include those RBLs that you mentioned in
the
On Mon, 8 Oct 2007, Matus UHLAR - fantomas wrote:
On Sat, 6 Oct 2007, Rob McEwen wrote:
FWIW... that IP, 220.226.197.15, is currently listed on four spam
blacklists ("RBLs"):
1) uceprotect
2) no-more-funn
3) psbl
4) ivmSIP.com (mine)
On 07.10.07 05:55, Dan Mahoney, System Admin
1 - 100 of 312 matches
Mail list logo