Hi;
With short circuit you can stop scanning when certain tests are met.
Eg user is whitelisted.
I'm seeing lots of spam with scores (50+ points) above my cut off and
reject score.
Is there a way for shortcircuit to see the current score and stop if it
is above a certain cut off ?
I don't
Hi;
I've seen this as well. I did a cpan upgrade and upgraded all perl
mods on a BSD, but not SA which was at 3.2.3. I think that may be due to
an issue with Sys:Syslog v0.20
SA seems to be working fine, as you say.
[96054] error: Can't locate Sys/Syslog/Win32.pm in @INC (@INC contains:
/u
Hi;
I have it running and it works, load is down and free mem up, but not
certain if that is just because I've restarted spamd a few times. I'm
getting some weird error messages has anyone else seen this?
I had to modify the make file
#PYTHON=python2
PYTHON=python2.5
Then run the install man
t;... Then the spamd
user account needs to stay as "nobody". If you make a spamc call with a
"user" identified, then spamd will switch to that user account before
processing the message (this is for user specific needs like custom user
rules, BAYES, AWL, etc). Since the accounts
Hi;
I see that spamstats as well as sa-stats both read/process/parse/examine
only maillog files I do not have a maillog file.
Thats one way to it.
A better way would be to use exim and the eximstats package.
That way you can count all the mail that exim blocks via RBL, sender
verify and othe
the deliberate error in my previous posting :)
rgds
n
neil wrote:
Hi;
I see that spamstats as well as sa-stats both
read/process/parse/examine
only maillog files I do not have a maillog file.
Thats one way to it.
A better way would be to use exim and the eximstats package.
That way you can
Hi;
Ned Slider wrote:
>My point is it's really not easy to track down such information even
when banks do occasionally try to do the right thing. Maybe there is
already a >list out there. If not, maybe we should compile one? It's
hard work trying to do it by yourself, but done as a group it w
Hi;
Ned Slider wrote:
>First up, from Mike's inspiration above, I came up with these:
I took your rule and added some meta rules to it. I'm getting hits on
phishes, but I haven't seen any legitimate traffic hit it.
This may be that I have not seen any real bank mail or it could be that
it misse
Hi;
Marc Perkel wrote:
> To catch this:
>
> In order to confirm you Web-Mail identity, you are to provide the
> following data;
I have a generic phishing rule to reduce the incidence of customers
giving out their data. It could be easily modified to hit your example.
I got the basic idea from
On 7 Nov 2008, at 04:33, Matus UHLAR - fantomas wrote:
On 07.11.08 04:02, Neil wrote:
Is there a way to check if SPFs and DKIMs are being checked by
SpamAssassin?
Here is, I believe, the relevant spamassassin -D --lint output as far
as modules go:
[19018] dbg: dns: is Net::DNS::Resolver
On 7 Nov 2008, at 09:22, Benny Pedersen wrote:
On Fri, November 7, 2008 10:02, Neil wrote:
My understanding is Mail::SPF is not needed if you have
Mail::SPF::Query installed.
currect, but Mail::SPF::Query does not support SPF rr in dns,
Mail::SPF does
Thanks.
But still; how can I
ious mails does it remember?
Thanks,
Neil.
On 7 Nov 2008, at 23:40, Matt Kettler wrote:
Neil wrote:
I'm wondering about the best way to train my Bayes filter (per-user
filtering).
I have a Junk folder, and it contains roughly three categories of
mail
(to my mind, at least):
A. Mail SpamAssassin marked spam and auto-learned as
On 7 Nov 2008, at 23:43, Neil wrote:
On 7 Nov 2008, at 23:40, Matt Kettler wrote:
Neil wrote:
I'm wondering about the best way to train my Bayes filter (per-user
filtering).
I have a Junk folder, and it contains roughly three categories of
mail
(to my mind, at least):
A.
On 8 Nov 2008, at 00:09, Matt Kettler wrote:
Matt Kettler wrote:
Neil wrote:
So maybe this is moving slightly off on a tangent, but:
Why does auto-learn sometimes learn spam with a rating of X, but not
spam with a rating of X+Y? Where's it's methodology?
First, there'
On 8 Nov 2008, at 07:40, mouss wrote:
Neil wrote:
But still; how can I know that SPF and DKIM checks are working?
copy _this_ message (the one you are reading now) to a file:
message.eml, then (assuming a Bourne shell, not a C shell), run
# spamassassin -D -t < message.eml 2>&a
On 8 Nov 2008, at 12:53, mouss wrote:
Neil wrote:
On 8 Nov 2008, at 07:40, mouss wrote:
Neil wrote:
But still; how can I know that SPF and DKIM checks are working?
copy _this_ message (the one you are reading now) to a file:
message.eml, then (assuming a Bourne shell, not a C shell
On 8 Nov 2008, at 16:41, mouss wrote:
Neil wrote:
[snip]
Content analysis details: (-6.1 points, 4.5 required)
pts rule name description
--
--
-0.0 SPF_PASS SPF: sender matches SPF record
already knocked
the threshold down a little.
If it helps, here are some examples:
http://dpaste.com/94956/
http://dpaste.com/94957/
http://dpaste.com/94958/
Thanks,
Neil.
Hi;
We are noticing a number of phishing mails with a clone of one of our
webmail pages coming in. The interesting thing is the site they bounce
through. The site collects some user info such as OS, browser etc. It
appears an interesting way to obfuscate a url and collect data at the
same time.
Hi;
Any one else seeing random FPs with VBounce rules and short circuit
as described here:
http://wiki.apache.org/spamassassin/ShortcircuitingRuleset
# bounce messages: always ignored if the vbounce plugin is active
priority ANY_BOUNCE_MESSAGE -700
shortcircuit ANY_BOUNCE_MESSAGE spam
score A
s, on a Friday afternoon. What could possibly go wrong ;-)
Rgds
N.
Justin Mason wrote:
Yep, this is entirely possible; I don't think I tested with any
read receipts :(
--j.
neil writes:
Hi;
Any one else seeing random FPs with VBounce rules and short circuit
as described h
tarbaby.junkemailfilter.com. It will help stop
> spammers at the source.
>
>
--
Neil Schwartzman
Director, Accreditation Security & Standards
Certified | Safelist
Return Path Inc.
0142002038
strike out in wildly new directions.
;-)
Ok seriously, why take a chance? There tends to be coherence between the OED
and American Heritage in terms of definitions. Why try to start a new one
for dead domain?
--
Neil Schwartzman
Director, Accreditation Security & Standards
Certified | Safelist
Return Path Inc.
0142002038
8. In some rare cases, your recipients' Barracuda Spam Firewall may be
misconfigured
--
Neil Schwartzman
Director, Accreditation Security & Standards
Certified | Safelist
Return Path Inc.
0142002038
The opinions contained herein are my personal stance and may not reflect the
viewpoint of Return Path Inc.
On 28/05/09 10:42 AM, "Karsten Bräckelmann" wrote:
> Yes, every list does have occasional FPs. So your point about those 22
> listings is what exactly?
My point is the 409 false positives. Sorry if I was unclear or obtuse.
--
Neil Schwartzman
Director, Accreditation Secu
have been using for 3 years, developed without
public consultation.
Enabled = on the whitelist
Suspended = removed from the whitelist, live in the client account
Disabled = removed from the client account
--
Neil Schwartzman
Director, Accreditation Security & Standards
Certified | Safelist
Retur
d them in the past 30 days ...
I realize I owe this group a list of things we check. Stand by.
--
Neil Schwartzman
Director, Accreditation Security & Standards
Certified | Safelist
Return Path Inc.
0142002038
Unsubscribe Functionality
FQ rDNS
SPF
DKIM
RFC Role account functionality
CBL
PBL
XBL
DROP
FBL Sign-up
Volume Sufficiency
--
Neil Schwartzman
Director, Accreditation Security & Standards
Certified | Safelist
Return Path Inc.
0142002038
ffecting large proportions of a client IP
space, or repeated offenses earns a client a trip to the woodshed, and if
that doesn't get them to correct their errant ways, we invite them to no
longer darken our door.
It isn't worth it to them, nor to us.
--
Neil Schwartzman
Director, Accreditat
ent IP, and there are a raft
of DNSBL operators to back me up on that one. Our clients get listed, I want
to know why, but I never ever ever ask for delistings. Ever. Why would I?
--
Neil Schwartzman
Director, Accreditation Security & Standards
Certified | Safelist
Return Path Inc.
0142002038
s Please
> take some time to have a check, They must have something you'd like to
> buy.
--
Neil Schwartzman
Director, Accreditation Security & Standards
Certified | Safelist
Return Path Inc.
0142002038
On 29/05/09 9:32 AM, "Andy Dorman" wrote:
> Neil Schwartzman wrote:
>>
>> Given the huge amount of bumph I've seen and heard about emailreg.org, I
>> figured it would be an interesting experiment to see if what everybody
>> feared was happening was tr
On 29/05/09 4:09 PM, "Bob O'Brien" wrote:
> Neil,
>
> Based on our "Requests for Removal" filed over the past 3+ weeks from
> ReturnPath, the number of IPs that you are claiming to have had issues with
> appears inflated by a factor of nearly 50%.
a
clue offered as to how to call them from SA.
TIA
--
Neil Schwartzman
Director, Accreditation Security & Standards
Certified | Safelist
Return Path Inc.
0142002038
ing them out is certainly within
your right. Making them a positive sign given the totality of our client
list would be, in my mind, silly. Unless you enjoy false positives.
--
Neil Schwartzman
Director, Certification Security & Standards
Return Path Inc.
0142002038
the directory and your name is not in there? Perhaps there is a
> misspelling or something?
Perhaps you can use this new thing called 'google' they have out, it is way
kewl:
http://www.google.com/search?client=safari&rls=en-us&q=Tara+Natanson+%2B+con
stant+contact&ie=UTF-8&oe=UTF-8
--
Neil Schwartzman
Director, Certification Security & Standards
Return Path Inc.
0142002038
#x27;m saying they are
> scamming and abusing, as well as spamming.
Ah, our good friends at E Z Publishing. They are an ESP, apparently one of
the clients is being bad.
Please send me a complaint with FULL headers to habeas@abuse.net and
I'll take care of this immediately, as will EZP.
Thanks for the heads up.
--
Neil Schwartzman
Director, Certification Security & Standards
Return Path Inc.
0142002038
can¹t imagine why
http://neilschwartzman.com//Neil_Schwartzman/shared/pat6952719.pdf
http://neilschwartzman.com//Neil_Schwartzman/shared/harris-complaint.pdf
--
Neil Schwartzman
Director, Certification Security & Standards
Return Path Inc.
0142002038
15 Jul 2009 09:14:24 -0700
> From: "Paul DiFrancesco: Eight Legged Media"
> To: embroid...@x.com
> Subject: Visit with over 25 suppliers
> This is a multi-part message in MIME format.
>
>
--
Neil Schwartzman
Director, Certification Security & Standards
Return Path Inc.
0142002038
FOLLOW-UP:
A process was hung on one of the 20 hives serving the whitelists and
reported this IP as being listed. We've restarted the process and it is
no longer reporting incorrectly.
On 16/07/09 8:05 AM, "Neil Schwartzman" wrote:
Now, I am aware that we recently change
Zero-out our scoring? That is and will always be your right.
Making it a positive spam sign?? Well, if you run a home system with no
users, I suppose no damage done. If you are running SA in front of actual
users at a business installation, I'd think it very brave to incur known
false po
ses are broken, we want to know; I¹ve BCCed
our CPO in on this.
Thanks for the heads up.
--
Neil Schwartzman
Director, Certification Security & Standards
Return Path Inc.
0142002038
On 17/07/09 4:03 PM, "Neil Schwartzman"
wrote:
> Your assertion that we encountered a block and then switched to a new IP
> netblock is preposterous. We have several ranges and mail streams. You opted
> in and then opted out. OK, in what timeframe? Minutes? Hours? The
d isn't it?
This is a tough row to ho, and I've not gone down this road in a while but
cunillingus is misspelt, potentially leading to the lack of reaction. By
your rules.
--
Neil Schwartzman
Director, Accreditation Security & Standards
Certified | Safelist
Return Path Inc.
01420
The geniuses send their regards; they are a customer so I pinged them:
Hi Neil,
Thanks for heads-up. I've forwarded the information to our corporate
domain/smtp management folks.
Sincerely,
MUNGED
Lead Opera
r:Habeas
> x-habeas-report:Please report use of this mark in spam to
> www.habeas.com/report/
>
>
--
Neil Schwartzman
Director, Certification Security & Standards
Return Path Inc.
0142002038
habeas.com/Company_Feedback.php
> ip: 174.143.89.6
>
> using your marks illegally?
>
> was source in question.
That IP is on the Safe whitelist. Problem?
You can check the status of any IP you wish at http://senderscore.org
--
Neil Schwartzman
Director, Certification Security & Standards
Return Path Inc.
0142002038
redirects to
> http://seal.habeas.com/Company_Feedback.php
Nope, not here. I get:
"This page has disappeared
We are sorry, but the page you were looking for can't be found. Don't
worry though, we will help get you to the right place.
When in doubt -- goto the home page:
is that we have a proven track-record (BondedSender -> Sender
Score Certified) and so your patience and help during this transition period
is much appreciated.
--
Neil Schwartzman
Director, Accreditation Standards & Security
Sender Score Certified | Sender Score Safelist
Return Path Inc.
0142002038
We have created an entry on the Spamassassin wiki
http://wiki.apache.org/spamassassin/ReportingSpam
--
Neil Schwartzman
Director, Accreditation Standards & Security
Sender Score Certified | Sender Score Safelist
Return Path Inc.
0142002038
on call me
> trying to convince me I should pay return path to 'bless' my marketing
> emails.
Which website? Habeas.com? ReturnPath.net? SenderScoreCertified.com?
SenderScore.org?
--
Neil Schwartzman
Director, Accreditation Standards & Security
Sender Score Certified | Sender Score Safelist
Return Path Inc.
0142002038
role accounts, ergo the specific addresses for such purposes.
--
Neil Schwartzman
Director, Accreditation Standards & Security
Sender Score Certified | Sender Score Safelist
Return Path Inc.
0142002038
s ever happens
again, get the person's name and write to me directly. Using the
purpose-built addresses will go direct to our compliance queue and avoid any
possibility of such nonsense.
--
Neil Schwartzman
Director, Accreditation Standards & Security
Sender Score Certified | Sender Score Safelist
Return Path Inc.
0142002038
aints, both loud AND
clear.
--
Neil Schwartzman
Director, Accreditation Standards & Security
Sender Score Certified | Sender Score Safelist
Return Path Inc.
0142002038
roblems spammers bring. They are both proactive, and
in my opinion, rapidly reactive to problems brought to their attention.
If you spot spam coming off their systems, send it to ab...@ning.com and
copy us in at the address listed on the wiki. We want to hear about it, and
we want to help Ning put
#x27;s about 800 of them.
These are not placating platitudes; again, we take this seriously. Without
our receiving partners, our product becomes valueless. This is a point
recognized and acknowledged all the way to the top of the company, and
unlike Habeas, I do not report to Sales. That's not h
On 17/03/09 6:59 AM, "John Hardin" wrote:
> A question if I may, Neil: does returnpath run any spamtraps to see
> whether your clients are indeed violating your terms? Having few
> complaints is not necessarily a good metric given the number of people who
> will simply cur
Say one is using Postfix and needs SA in front of ~15 aliases. How long
should this take?
--
Neil Schwartzman
Director, Accreditation Security & Standards
Certified | Safelist
Return Path Inc.
0142002038
On 26/03/09 10:29 PM, "Matt Kettler" wrote:
> Neil Schwartzman wrote:
>>
>> Say one is using Postfix and needs SA in front of ~15 aliases. How
>> long should this take?
>
> That depends mostly on how you want to integrate SA into postfix.
>
> Instal
oks for when specific types of
> rules (whitelist / blacklist or other reputation rules) should be in
> agreement, yet oppose each other?
>
> i realize that it is time sensative on some types of rules yet this is
> reputation based on actual domain name and ip address
Yes pleas
e's enough senders in the
world who actually do need help, we don't need to create business.
Thanks.
--
Neil Schwartzman
Director, Accreditation Security & Standards
Certified | Safelist
Return Path Inc.
0142002038
ois.arin.net
PaeTec Communications, Inc. PAETECCOMM (NET-209-92-0-0-1)
209.92.0.0 - 209.92.255.255
Rodale Inc. RODALE-430488 (NET-209-92-22-0-1)
209.92.22.0 - 209.92.23.255
# ARIN WHOIS database, last updated 2009-04-03 19:10
-
d, runningtimes.com and runnersworld.com may be "legit").
Consent, not content (well, mostly), mouss. As unlikely as it sounds to you
and me, people *do* sign up for this stuff.
Anyway, quite offtopic to this discussion group.
--
Neil Schwartzman
Director, Accreditation Security & Standards
Certified | Safelist
Return Path Inc.
0142002038
On 06/04/09 10:53 AM, "Matus UHLAR - fantomas" wrote:
> On 04.04.09 16:30, Neil Schwartzman wrote:
>> On 04/04/09 4:22 PM, "RobertH" wrote:
>>
>>> 0.2 RCVD_IN_SORBS_DUL RBL: SORBS: sent directly from dynamic IP
>>> address
>
d clarity or rDNS resolution HELO, and so on and
it is something *we* recommend to our certified and safelisted clients
(beyond FQ rDSN which is a requirement), but blocking on something that is
far far far from an industry standard? I'd suggest that is silly at best,
but "do tell us how
"KEYWORD= profanity: bitch;sexual discrimination: bitch"
Sent from: "Neil Schwartzman "
Folder: "SMTP Messages\Inbound"
Location: "psp/TRACYSV05"
On 09/04/09 3:55 PM, "Neil Schwartzman"
wrote:
> On 09/04/09 2:35 PM, "Matus UHLAR - fan
ertified and Safelist whitelists, and we are rolling out DKIM as a
requirement sometime this year.
--
Neil Schwartzman
Director, Accreditation Security & Standards
Certified | Safelist
Return Path Inc.
0142002038
On 24/04/09 11:44 PM, it was written:
> Most people do not fall for it, but the dumbest ones do fall for it.
This is not a question of intellect, it is a question of the verisimilitude
of the messaging.
--
Neil Schwartzman
Director, Accreditation Security & Standards
Certified | Safelist
orks. They have some stringent limitations in how address-book uploads
are undertaken and user accounts deployed.
"the linkedin 'never send me email' has never worked"
If you have verifiable proof of this, feel free to send it to my attention
offlist, and I will have someone h
Spamhaus has uncovered a fake spam filter company which was pirating and
selling DNSBL data stolen from major anti-spam systems including Spamhaus,
CBL and SURBL, republishing the stolen data under the name "nszones.com".
more: http://www.spamhaus.org/organization/statement.lasso?ref
;sa-update'? at
/usr/bin/spamassassin line 403."
Neither does the symbolic link
.spamassassin -> /path/to/saprefs
work, i.e. it keeps getting changed to an actual directory. I am
running SA 3.3.1 from within procmail. Any ideas??? Thanks.
Neil Hodge
subdirectory
tree that gets synched.
>
> Also, I would avoid *any* usage of 'spamassassin' command line options,
> unless for debugging. See the note above regarding such options and
> later use of spamd.
>
Well, maybe I will just break down and get client/server working now . . .
Neil
that the solution I came up with might have
some fatal flaw, but I thought I would give it a shot first . . .
Neil
Karsten, all:
>
> I may be wrong, but I understand Neil is talking about a single, ISP
> provided email address. Just about the same as any Gmail, Yahoo or GMX
> address. There is NO way for a 5xx SMTP response. In fact, he was
> explicitly talking about an IMAP account, so th
stion is nawilliams.com. This is the SPF record:
"v=spf1 mx ptr ~all"
I'm seeing other domains being hit with SPF_SOFTFAIL, so I am at a loss as
to why this one isn't. What am I missing?
I am using SpamAssassin 3.3.1 provided by Ubuntu 10.04.
Neil
rd fail instead
of a soft fail as specified by the SPF record.
Neil
---
2010-08-22 21:22:30 1OnLk4-0005H0-MS H=server70a.appriver.com
(server70.appriver.com) [69.20.116.35] F=
rejected after DATA: Message scored 12.8 spam points.
Envelope-from:
Envelope-to:
P Received: from server
rmit
>
> send a email to postmaster and show your logs about the softfail
> problem, thay will thank you for helping :)
Thanks. I am trying to contact the mail administrator through the user to
get them to correct their SPF record.
Neil
ms.com. 30 IN SPF "v=spf1 mx -all
Okay, that explains it. I should have thought about checking all three
DNS servers. I didn't think about it because I was always getting back
the same result. Thanks. I will notify the mail administrator to get it
fixed.
Neil
25
--
Neil Lazarow - IT Sales / Systems Engineering
Naknan, Inc. IT Solutions
SDB, HMBC Member
Minority, Woman-Owned TX HUB
Cisco Authorized Reseller
NEC Authorized Reseller
Phone: 281-990-0030 ext 22
Fax: 281-990-0033
nlaza...@naknan.com
://www.returnpath.net/blog/received/2010/11/phishing-attack-an-open-letter-to-the-anti-spam-and-mailbox-operator-community/
--
Neil Schwartzman
Senior Director
Security Strategy, Receiver Services
Tel: (303) 999-3217
AIM: returnpathcanuk
http://www.returnpath.net/blog/received/
Help the poor help
,
--
Neil Lazarow - IT Sales / Systems Engineering
Naknan, Inc. IT Solutions
SDB, HMBC Member
Minority, Woman-Owned TX HUB
Cisco Authorized Reseller
NEC Authorized Reseller
Phone: 281-990-0030 ext 22
Fax: 281-990-0033
nlaza...@naknan.com
,
--
Neil Lazarow - IT Sales / Systems Engineering
Naknan, Inc. IT Solutions
SDB, HMBC Member
Minority, Woman-Owned TX HUB
Cisco Authorized Reseller
NEC Authorized Reseller
Phone: 281-990-0030 ext 22
Fax: 281-990-0033
nlaza...@naknan.com
,
--
Neil Lazarow - IT Sales / Systems Engineering
Naknan, Inc. IT Solutions
SDB, HMBC Member
Minority, Woman-Owned TX HUB
Cisco Authorized Reseller
NEC Authorized Reseller
Phone: 281-990-0030 ext 22
Fax: 281-990-0033
nlaza...@naknan.com
,
--
Neil Lazarow - IT Sales / Systems Engineering
Naknan, Inc. IT Solutions
SDB, HMBC Member
Minority, Woman-Owned TX HUB
Cisco Authorized Reseller
NEC Authorized Reseller
Phone: 281-990-0030 ext 22
Fax: 281-990-0033
nlaza...@naknan.com
,
--
Neil Lazarow - IT Sales / Systems Engineering
Naknan, Inc. IT Solutions
SDB, HMBC Member
Minority, Woman-Owned TX HUB
Cisco Authorized Reseller
NEC Authorized Reseller
Phone: 281-990-0030 ext 22
Fax: 281-990-0033
nlaza...@naknan.com
,
--
Neil Lazarow - IT Sales / Systems Engineering
Naknan, Inc. IT Solutions
SDB, HMBC Member
Minority, Woman-Owned TX HUB
Cisco Authorized Reseller
NEC Authorized Reseller
Phone: 281-990-0030 ext 22
Fax: 281-990-0033
nlaza...@naknan.com
,
--
Neil Lazarow - IT Sales / Systems Engineering
Naknan, Inc. IT Solutions
SDB, HMBC Member
Minority, Woman-Owned TX HUB
Cisco Authorized Reseller
NEC Authorized Reseller
Phone: 281-990-0030 ext 22
Fax: 281-990-0033
nlaza...@naknan.com
,
--
Neil Lazarow - IT Sales / Systems Engineering
Naknan, Inc. IT Solutions
SDB, HMBC Member
Minority, Woman-Owned TX HUB
Cisco Authorized Reseller
NEC Authorized Reseller
Phone: 281-990-0030 ext 22
Fax: 281-990-0033
nlaza...@naknan.com
That would not be correct. NJABL is alive and kicking, and not all of
their zones are replicated at Spamhaus. The XBL provides more than 'just'
CBL + NJABL, BTW.
--
Neil Schwartzman
Senior Director, Security Strategy
Email Intelligence Group
Return Path Inc.
+1 (303) 999-3217
AIM: retur
Yeah sorry, I was confused by the subject line which mislead me to think
the point was about whether or not NJABL is still a functioning DNSBL.
Silly me.
--
Neil Schwartzman
Senior Director, Security Strategy
Email Intelligence Group
Return Path Inc.
+1 (303) 999-3217
AIM: returnpathcanuk
http
compliant with RFCs.
There is nothing wrong with having an alternate address, particularly since
abuse@ tends to garner a ton of spam.
Neil Schwartzman
Executive Director
CAUCE - the Coalition Against Unsolicited Commercial Email
Mob: (415) 361-0069
Skype: spamfighter666
SkypeIn: (303) 800-6345
heh, i don't think 'don't ignore' is part of the RFC, but yeah.
On May 6, 2013, at 9:08 AM, John Hardin wrote:
> If there is a working abuse@ address that *isn't being ignored*, they're
> compliant.
On May 6, 2013, at 10:39 AM, Matus UHLAR - fantomas wrote:
>> On May 6, 2013, at 9:08 AM, John Hardin wrote:
>>> If there is a working abuse@ address that *isn't being ignored*, they're
>>> compliant.
>
> On 06.05.13 09:55, Neil Schwartzman wrote:
>
On Jun 10, 2013, at 9:30 PM, Dave Warren wrote:
> I doubt it's "a guy", but it wouldn't surprise me if the botnet that performs
> the dictionary attack forwards the results off to "a guy" to confirm that
> the account works.
no, really, it's a bot. They have tens of millions of compromised a
Uhm. perhaps some snippets from the maillogs, or examples?
On Jun 12, 2013, at 5:59 AM, polloxx wrote:
> Dear list,
>
> We see massive spamruns since begin june. Are other people also similar runs?
> They fill our maillog. Fortunately most is blocked.
smime.p7s
Description: S/MIME cryptogra
On Jun 12, 2013, at 3:37 PM, Daniel McDonald
wrote:
> I believe Paypal is DKIM signed,
Sure is. Also DMARCed and SPFed too.
;; QUESTION SECTION:
;paypal.com.IN TXT
;; ANSWER SECTION:
paypal.com. 7 IN TXT "v=spf1
include:pp._spf.paypal.co
On Jul 19, 2013, at 10:35 PM, Andrea wrote:
> Hi all.
>
> Since a few days ago I'm being buried under spam messages that slip through
> my amavis/SA setup.
> The messages all look alike: plaintext with random junk + URL in the body.
> Pastebin with a few examples here: http://g2z.me/ed64d
>
>
On Jul 20, 2013, at 12:16 AM, AndreaS Schamanek
wrote:
> Giles Coochey wrote:
>> Is there a current issue with reporting to spamcop?
>
> I had problems, too. Though, in my case I just got a warning message on the
> Spamcop web interface saying that messages sent to me were bouncing with
> "5.1
On Aug 9, 2013, at 6:16 AM, Thomas Harold wrote:
> We see a few of these each week, not sure if they are from Russia:
>
> http://pastebin.com/iBmELtSh
Not really that difficult to block.
31.24.139.73
Senderscore of '3'(out of 100)
https://senderscore.org/lookup.php?lookup=31.24.139.73&ipLoo
1 - 100 of 126 matches
Mail list logo
