ps in MTA or in some milter
> or before an MTA rewrote original recipients to steve.
In a sense that's what's wanted... /etc/postfix/virtual contains:
> @mydom.org st...@mydom.org
I want all messages to all users delivered to steve. The thing I found
surprising is that syslog details that
On 08/09/2011 14:21, Bowie Bailey wrote:
> On 9/8/2011 5:07 AM, Steve wrote:
>> This is the thing that was so very, very odd. The message is identical
>> - including the headers. If I look at the first and last spam email in
>> a 9-message block, then u to get the source
On 07/09/2011 16:10, John Hardin wrote:
>> I don't want to use greylisting as I often receive legitimate email from
>> new contacts - often while I'm on the phone to them - so, introducing a
>> delay is undesirable to me.
>
> Perhaps a hybrid approach, where you greylist only if the foreign IP
> ap
There is something curious I've noticed... I'm wondering if I'm unique,
and if there's an obvious way to improve my setup.
I was thumbing through my spam folder, and noticed that the bulk of my
spam conformed to a very obvious pattern... On a time period from
minutes to hours, I receive nine ident
r header and it therefore gets
passed to SpamAssassin when the message is checked. Unfortunately the
placeholder used by Sendmail contains a high-bit character which then
causes this rule to fire.
Regards,
Steve.
Hi David,
On 08/02/11 15:57, David F. Skoll wrote:
Hi, Steve,
http://www.fsl.com/index.php/resources/whitepapers/99
Interesting. I think you should credit me for this:
"Once that has been proven then that â is exempted from further
greylisting for 40 days since it was last seen.&
er and share my results:
See http://www.fsl.com/index.php/resources/whitepapers/99
Kind regards,
Steve.
HTTP request? If they can easily
detect that the request is not a real browser, then they can avoid
detection by using a safe looking fake response, while browser-based
redirects go to the intended spam target.
Currently the default used by the LWP module. Could easily set it to
use an identical string to Firefox or IE.
Regards,
Steve.
rence.
Example:
http://chkpt.zdnet.com/chkpt/whatever/spammer.domain/yo/dude
It's designed to get URIs from CGI redirectors and add them to the
lookup lists for the URIBL plugin. It's *nothing* like what I'm doing
with the shorteners.
Regards,
Steve.
add an additional rule (e.g. scored at 0.001
to see how many times it hits the current limit); but the age old issue
is 'how many is too many?'.
I'll see about pushing out a new version with the updated list of
shorteners and those changes shortly.
Kind regards,
Steve.
Hi All,
On 17/09/10 14:11, Steve Freegard wrote:
Hi All,
Recently I've been getting a bit of filter-bleed from a bunch of spams
injected via Hotmail/Yahoo that contain shortened URLs e.g. bit.ly/foo
that upon closer inspection would have been rejected with a high score
if the real URL had
t for later testing.
I suggest you check your amavis debug/log settings as it looks like
amavis is setting something like $SIG{__DIE__} and reporting it to your
logs in the signal handler. That's fine for debugging - but you're
going to get other noise from things like eval{} blocks such as this and
is not a bug.
Regards,
Steve.
ber to use something different for uri rules.
Cheers,
Steve.
On 20/09/10 16:17, Michael Scheidell wrote:
On 9/20/10 8:15 AM, Steve Freegard wrote:
Caching; if desired it will now cache URLs to a SQLite database for
additional speed-up and to prevent DoS of the shortener services.
any anticipated write lock problems with this due to sqlite not handling
to a SQLite database for
additional speed-up and to prevent DoS of the shortener services.
Cheers,
Steve.
On 17/09/10 14:33, Jari Fredriksson wrote:
It has a typo.
describe URIBL_SHORT...
The rule name is wrong, should be SHORT_URIBL
Didn't you --lint it? ;)
Doh! - fixed.
Regards,
Steve.
om <5 to >10
based on URIDNSBL hits which is just what I wanted.
Hopefully it will be useful to others; you can grab it from:
http://www.fsl.com/support/DecodeShortURLs.pm
http://www.fsl.com/support/DecodeShortURLs.cf
Kind regards,
Steve.
on't accept that as a
valid sender:
MAIL FROM: <"do not mock at your poetenncy - bujyj vjaqrra ppislls" <>>
553 5.5.4 <"do not mock at your poetenncy - bujyj vjaqrra ppislls"
<>>... Domain name required for sender address
Regards,
Steve.
our SA
installation (see www.spameatingmonkey.com website for details).
Note that the DOB list (e.g. dob.sibl.support-intelligence.net) for some
reason doesn't detect any of these for some reason whereas SEM-FRESH is.
Hope this helps.
Kind regards,
Steve.
s extra value
and catch rate.
Hope that helps.
Kind regards,
Steve.
Steve Bertrand wrote:
> Greg Troxel wrote:
>
>> Has anyone else gotten v6 spam?
>
> When I first configured my personal mail servers with IPv6, I wrote a
> parser for my Simscan logs, so I could graph v6 email statistics. Since
> then (~June, 2008), I've recei
t 3.05
...unfortunately, I believe the actual message from this day has already
been eradicated, but if there is interest, I'll start keeping them for
comparison.
Steve
boot) and output was
the lights on the front panel. I also worked on analog computers for a
number of years, it wasn't so much programming as re-engineering. I
actually do miss those days.
--
Steve Lindemann __
Network Administrator //\\ ASCII Ribbo
le2b + rule2c + rule2d > 2)
>
> When adding rules is it a count of the number of rules or the rule scores?
It's the number of times the rule hit (e.g. 0 or 1 for regular rules; 0
or more for rules with 'tflags multiple').
Regards,
Steve.
while, but I just got my first
spam from 74.63.113.30 so it looks like they've got another block of addresses.
Is anyone familiar with this outfit? Does this ISP have any legit traffic and
what address ranges are assigned to them?
Steve
Chris write:
>Steve, are you looking for something like this:
>X-senderip: 213.240.247.107
>X-asn: ASN-20911
>X-cidr: 213.240.244.0/22
>If so I can send you the formail recipes I use.
I was looking for the log files. I decided to go another way that makes it
easier, just create
trying to tally up totals by sending IP of SPAM. So, none of the log
messages show sending IP when used in this environment.
How can we get spamd to log the sending ip? Alternatives?
Steve
TS 0.2
describe SCORE_RCPTS Adding score for each recipient
That will add 0.2 to the score for every recipient present in the To or
Cc header which matches your desire to score +1 for 5 recipients and +2
for 10 or more but with no upper bound (so 50 recipients would add +10),
personally I score this at 0.05 to be on the safe side.
Kind regards,
Steve.
This is very pretty;
X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.3379
Rule breakdown below
pts rule name description
--
--
0.00 NO_REAL_NAME From: doe
>> Are you forgetting URIBL_SBL?? That requires the A or NS records of
>> the URI to function.
>>
>
> We do NS only. Not A.
>
Sorry; my bad
Cheers,
Steve.
s against your DNS resolver. (resolver
> cache poisoning, DoS, etc)
>
>> I can't believe they wrote it themselves - seriously I can't! What plug
>> in is it?
>>
>>
> It's no plugin I know of, but it's a feature we intentionally left out
> of SA for security reasons. So given that it's a really bad idea I'd
> guess barracuda did implement it themselves.
>
Are you forgetting URIBL_SBL?? That requires the A or NS records of
the URI to function.
Regards,
Steve.
kind of 'intent' plugin for SA?
>
> Barracuda (which steal everything else) have an intent scanner that
> looks at links in mails and resolves the name to IP *AND* the AUTH NS.
> Then looking the IP's found up.
>
> I can't believe they wrote it themselves - seriously I can't! What plug
> in is it?
>
>
See 'uridnsbl' in Mail::SpamAssassin::Plugin::URIDNSBL
Regards,
Steve.
Mike Cardwell wrote:
> Steve Bertrand wrote:
>> My question is, given that the messages have already been processed by
>> the 'cuda's (with their header stamps in place), am I damaging, or at
>> risk of confusing the learning process of SA when I classify these
;cuda's (with their header stamps in place), am I damaging, or at
risk of confusing the learning process of SA when I classify these
messages as SPAM?
Are there any negative consequences by doing this?
Steve
smime.p7s
Description: S/MIME Cryptographic Signature
Marc Perkel wrote:
> Does anyone have a list of all domains that provide short url redirection?
I'd start here: http://longurl.org/services
Cheers,
Steve.
de of the original (using eval:check_rbl_sub()), so
if you disable the parent query; you disable all the dependent tests.
If you do a "grep -Eh 'check_rbl\(' *" in your SpamAssassin updates
directory; you'll be able to see all of these parent lookups, then do a
"grep -Eh 'check_rbl_sub\(' *'" to see the lookups based on these.
Cheers,
Steve.
the rulesets from
> /etc/mail/spamassassin/, it went to the never-ending process behavior I
> first mentioned.
>
IIRC - I had this problem on a couple of machines (not using the SOUGHT
rules though); I installed 3.3.0 from SVN and that cured the issue.
Regards,
Steve.
119 (highighted)
>
> http://pastebin.com/m6bb65f86
>
> so, interesting phish or stupid spammer with yahoo.com gooplet installed?
>
X-Mailer: Zimbra 5.0.9_GA_2533.UBUNTU8_64 (zclient/5.0.9_GA_2533.UBUNTU8_64)
Or just Zimbra trying to be helpful and applying it's 'cool'
linkification on an outbound mail?
Cheers,
Steve.
Paweł Tęcza wrote:
> Steve Freegard pisze:
>> Paweł Tęcza wrote:
>>> Also a lot of spams I received have good reverse IP address. We use
>>> greylisting for our mail system, but we still receive that spam.
>>>
>>> Maybe that IP address above
Steve Freegard wrote:
> Normally I wouldn't post these rules here; but I'm interested to see how
> long before this rule gets rendered unless by the botmaster that's
> sending these.
/me waves at the botmaster; that *was* fast - but you still suck
eader plug-in enabled.
Normally I wouldn't post these rules here; but I'm interested to see how
long before this rule gets rendered unless by the botmaster that's
sending these.
Regards,
Steve.
Justin Mason wrote:
> http://ruleqa.spamassassin.org/20090516-r775436-n/T_EMAILBL_TEST_LEM/detail
Would be interesting to see if the 5 ham hits really were ham or whether
they were accidentally misclassified and what the e-mail address was.
Cheers,
Steve.
.0.0 080 mail-bl-mail=655 1.73%
That's 1.73% of every MAIL FROM: seen by this machine. As you would
expect I notice a high correlation of these are from hosts already on
client IP DNSBLs.
214-2.0.0 161 mail-bl-hdr=48 0.96%
214-2.0.0 162 mail-bl-body=10 0.20%
Those percentages are out of the total number of messages input.
No FPs here as expected.
Regards,
Steve.
score/reject domain names in
e-mail; the EMAILBL is designed to score the *entire* e-mail address, so
it should have way less chance of FPs in the first place.
Regards,
Steve.
Mike Cardwell wrote:
> Steve Freegard wrote:
>
>>>> A word of caution. Be very careful how you use the list. The
>>>> intended usage for the list is to prevent (or monitor) local users
>>>> from sending email to the listed addresses. The phisher
ugh with low scores.
I'm also looking at listing URIs that are impossible to list in the
traditional URIBLs e.g. groups.yahoo.com/groupname/message/1
Cheers,
Steve.
1";; print
Digest::MD5::md5_hex($uri).length($uri).".bl.org\n"'
f499f872e8276a4777c3dba48481915a43.bl.org
Cheers,
Steve.
imple as
>
> svn up
> edit rulesrc/sandbox/jm/20_whatever.cf
> svn commit rulesrc/sandbox/jm/20_whatever.cf
>
> and wait ;)
>
Is it possible to get SVN access just to the sandboxes though? I'd be
happy to submit rules for testing. My membership of the -dev list was
after the PreflightByMail announcement and I would have definitely used
it had I been aware of it.
Cheers,
Steve.
John Hardin wrote:
> On Tue, 28 Apr 2009, Steve Freegard wrote:
>
>> To reduce the likelihood of collisions then it's better to add the input
>> string length at the end of the md5 like ClamAV does in it's MD5 sigs
>> e.g.
>>
>> s...@laptop-smf:
Adam Katz wrote:
> Steve Freegard wrote:
>> I've been thinking about creating an emailBL to target dropboxes used
>> for 419 scams, phishing, russian penpals etc. as I have a reasonable way
>> to collect these in real-time and it would close a lot of doors on these
>
'print
Digest::MD5::md5_hex("s...@fsg.com").".emailbl.org\n"'
132e76bc8e252dee7c911ea2cde1f079.emailbl.org
If you want to separate stuff out into different meanings e.g. the
Google Anti-Phishing stuff; then just use a different sub-domain for each.
Just an idea.
Cheers,
Steve.
server c.ixhash.net.
ctyme.ixhash.net name server f.ixhash.net.
The only criticism I have for the ixhash zones is that there is no
published test point (e.g. 2.0.0.127 like for most DNSBLs).
Regards,
Steve.
ween you and the end-user. How does the end-user know that you've
delivered it all? Or that you haven't copied or read it?
There's probably a whole load of other issues I haven't considered - but
these are at least what I could think of immediately.
Cheers,
Steve.
PROTECTED]ERROR:"550 Reply to a phishing
drop-box rejected"
That will stop your MTA sending messages out to these mailboxes and
instead the sender will get a DSN with the SMTP rejection text.
Modify to suit whichever MTA you use...
Regards,
Steve.
om Spamcop; a picture is worth a
thousand words: http://www.spamcop.net/spamgraph.shtml?spammonth
Cheers,
Steve.
Matthias Leisi wrote:
> Maybe you wanted to send this to the list, and not only to me? ;)
>
> Steve schrieb:
>
>> Matthias Leisi wrote:
>>
>>> Many mailservers support "plus addressing", where you use something like
>>> "[EMAIL PRO
I'm contemplating a set-up where I have an email address of the form
"[EMAIL PROTECTED]" where X changes depending upon to whom the email
address is issued. This means that I can issue "[EMAIL PROTECTED]" to
acme corporation - and would want to bias spam detection to assume that
emails to [EMA
SpamAssassin doesn't perform DNS lookups on the Received headers if
at all possible -- it's assumed that your MTA will do that in advance.
Thanks for that. I found this out late last night, and I believe I've
got the issue resolved.
Regards,
Steve
Steve Bertrand wrote:
I've added debugging code to new_dns_packet() and bgsend()
(DnsResolver.pm) to print out $host, $type and $class to a log file.
What I found is that the mapped address entries are not even seen by
DnsResolver.pm at all, hence, there is no DNS lookup even attempt
tem resolver do
what needs to be done.
Am I taking the right approach here? Or should I have the IPv4 address
stripped out of the v6 mapped address prior to pushing it through the
Perl resolver gateways?
Steve
for the noise.
Steve
Received.pm.
Hmmm...just out of curiosity, what is the first entry below used for, if
Resolver.pm is used for header checks?
pearl# locate Resolver.pm
/usr/local/lib/perl5/site_perl/5.8.8/Mail/SpamAssassin/DnsResolver.pm
/usr/local/lib/perl5/site_perl/5.8.8/mach/Net/DNS/Resolver.pm
Steve
set out to set up a simple mail server on IPv6. While
doing so, I've written more patches for software in the last week than I
have my whole life...and I'm not even a programmer ;)
Thanks for the input.
Steve
used mapped addresses.)
When I get a few more minutes, I will go over the reply again, and reply
properly.
I couldn't believe the response (on and off list) regarding help with
IPv6 issues and issues in general.
I think that I'll be happy here ;)
Steve
t of SpamAssassin, I will gladly submit any patches
that identify/rectify my problem.
Thanks, and regards,
Steve
er subs of that list will immediately recognize by the tone
and the writing style of a fake message that it wasn't Bob that sent it.
OK, I suppose that would be caught by SPF rules etc., if bob likes SPF.
Not all mail systems actually block upon SPF breakage...
Steve
blacklists..
Steve Radich - http://www.aspdeveloper.net /
http://www.virtualserverfaq.com
BitShop, Inc. - Development, Training, Hosting, Troubleshooting -
http://www.bitshop.com
-Original Message-
From: James Pratt [mailto:[EMAIL PROTECTED]
Sent: Tuesday, April 22, 2008 9:38 PM
To: spamassa
ve the same issue - doesn't mean anything if the other folks don't
check it.
Steve
I'd agree it's useful - the more info the better - Did you already write
a spamassassin plugin or are you saying someone needs to?
Steve Radich - http://www.aspdeveloper.net /
http://www.virtualserverfaq.com
BitShop, Inc. - Development, Training, Hosting, Troubleshooting -
http://www.b
")" ) /
( Address-literal FWS "(" TCP-info ")" )
TCP-info = Address-literal / ( Domain FWS Address-literal )
; Information derived by server from TCP connection
; not client EHLO.
Steve Radich - http://www.aspdeveloper.net /
http://ww
the file modification time of your flat file.
If it's different than the last look, run
makemap. This would give you a new .db file. Yes, as I said, it IS a
hack, but it's better than nothing :-)
Also, how is the file flat created? Do you create it somehow, or is it
automatic. Nothing to p
orting - that's another thing entirely. As was pointed out in
previous replys, the user
community is not always accurate in reporting what is legit spam, and what
is/was requested
or "permitted". I tend to report manually, although I am writing some code
to semi-automate the
process. The program picks out domains, TLDs in URLs and IP addresses (in
spam), puts them in edit
windows, and then allows me to view the message. At this point, I can click
a button to report the
offending hosts/ips/etc. or not. But, it is semi-manual and therefore
involves time. The tradeoff is
accurate reporting to the various block lists.
I wish I had a better answer for you!
Regards,
Steve
--
View this message in context:
http://www.nabble.com/How-to-report-120%2C000-spams-a-day-tp15857111p15923807.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
on spam *per year*-
something like $100,000 or
probably MORE!!!
Gives us something to do, I guess, but I can think of better uses of time
:-) :-) :-)
Regards,
Steve
--
View this message in context:
http://www.nabble.com/Yet-another-spam-blocker--tp15911630p15923463.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
ng level for
their own particular needs, if the
default system-wide settings are not to their liking. You know, feature
creep :-) "oh, but we could
add this one thing"
Regards,
Steve
--
View this message in context:
http://www.nabble.com/Yet-another-spam-blocker--tp15911630p15920983.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Chris Hoogendyk wrote:
>
>
> Henrik K wrote:
>> On Fri, Mar 07, 2008 at 10:07:16PM -0800, Steve Cloutier wrote:
>>
>>> Hi !
>>>
>>> Call me -- whatever :-) I took a look at SpamAssassin a while back, and
>>> (at
>>>
version 8.14.2 or later is strongly recommended, as there are some
milter API bugs in earlier
versions.
Oh well, for what it's worth!
Regards,
Steve
[EMAIL PROTECTED]
--
View this message in context:
http://www.nabble.com/Yet-another-spam-blocker--tp15911630p15911630.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
log the ips
quickly for those that don't want to set up the server themselves.
In theory the 400 level MX wouldn't be used by "real" smtp very often,
hence it's likely a spammer and therefore the IP could be auto
blacklisted. Realize I'm NOT proposing we block on this
tp / logging side of this is easy for me to implement.
I'm thinking make this a very public (free) service to gather data for
the blacklist, anyone could list the mx.
Thoughts?
Steve Radich - http://www.aspdeveloper.net /
http://www.virtualserverfaq.com
BitShop, Inc. - Development, Training,
Hey guys..
We're seeing the same thing.. although slightly different.. this error has
only been happening for a week or so now.. everything's been fine before
that.. it seems to be with the RSA key generated on 15Jan..
An sa-update -D shows :
[/usr/local/etc/mail/spamassassin]# sa-update -D
[5
ways wondered where "Delivered-To" was added - and why some messages
I've seen have it and others don't.
Time to break out the postfix manual... :-)
Thanks,
Steve
Bowie Bailey wrote:
Catch-all setups always have this problem. You could use SA to figure
out which addresses are likely to be valid, but this means that you have
to accept the message and then call SA for EVERY one of these emails.
I'm aware of that... but the benefits outweigh the problems
Loren Wilton wrote:
Valid email addresses have a well-known structure (i.e. [A-z.]*_NAME)
so, for example [EMAIL PROTECTED] is clearly a bogus address.
Off the top of my head you might be able to do something like (untested):
header__GOOD_NAMETo=~
/[A-Za-z]{1,30}_[A-Za-z\d\.]{2,40
Bowie Bailey wrote:
Catch-all setups always have this problem. You could use SA to figure
out which addresses are likely to be valid, but this means that you have
to accept the message and then call SA for EVERY one of these emails.
I'm aware of that... but the benefits outweigh the problems
I'm looking for suggestions as to the best way to do this.
I've a catch-all mail strategy for a domain, and a number of users have
accounts - say - [EMAIL PROTECTED]; [EMAIL PROTECTED] etc. When engaging
with a new contact, or mailing list, a new email address is generated.
For example:
[E
.00%)
214-2.0.0 110 spamd-sender-marked-spam=16 (0.04%)
So it doesn't happen that often. I did try writing an SA header rule
for these first, but it appears that SA strips out 'X-Spam-Flag' headers
out before the rules are run.
Cheers,
Steve.
_to_journal 1' set as well?
Kind regards,
Steve.
> -Original Message-
> From: Michelle Konzack [mailto:[EMAIL PROTECTED]
> Sent: Friday, October 19, 2007 7:49 AM
> To: users@spamassassin.apache.org
> Subject: Re: unsubscribed
>
>
> Hello Steve,
>
> when I subscribed to this Mailinglist I have gotten a
te:
>
> >Rob Sterenborg wrote:
> >> Steve Ingraham wrote:
> >>
> >>> I cannot help but comment on this post.
> >>>
> >>
> >> Neither can I.
> >>
> >>
> >>> I am one of those ignorant people th
> -Original Message-
> From: Clay Davis [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, October 16, 2007 3:33 PM
> To: users@spamassassin.apache.org
> Subject: RE: unsubscribed
>
>
> Steve, I hope you didn't misunderstand me... I AGREE with you! Clay
are tasked with many many responsibilities of which managing
spamassassin is only a small part. That forces us to not spend as much
time as we should learning everything there is to know about
spamassassin because we have a dozen other responsibilities to take care
of.
Ok time to stop now, forgive me for my rant.
Live Long and Prosper,
Steve
file descriptor
@400047028615024b1ad4 [19049] warn: prefork: select returned -1!
recovering: Bad file descriptor
-Original Message-
From: Steve Ingraham
Sent: Tuesday, October 02, 2007 12:46 PM
To: [EMAIL PROTECTED];
users@spamassassin.apache.org
.
Steve
Microsoft Mail Internet Headers Version 2.0
Received: from mxi.occa.state.ok.us ([172.16.255.12]) by
mxi2.occa.state.ok.us with Microsoft SMTPSVC(6.0.3790.3959);
Tue, 2 Oct 2007 08:11:23 -0500
Received: from dellapp02.occa.state.ok.us
mains and test those against the URIBL_* lists, then it might yield
some good results.
Cheers,
Steve.
yossim wrote:
Hi Steve,
Thanks for the info.
However the version of MailScanner that i use does not support this
attribute.
Is there other place were i can add this header.
No - you'll have to upgrade MailScanner if you want to be able to do
this (it isn't hard).
Kind regards,
Steve.
Ver:
SMEX-7.0.0.1557-5.0.1021-15334.002"
That should do what you need.
Kind regards,
Steve.
n and it seems to work quite well.
Kind regards,
Steve.
decoder wrote:
Try using the SVN Version (revision 132). This is basically the same
as the latest 3.5.x release but some issues with SA 3.2.x were fixed.
Best regards,
Chris
We are running SA 3.2.1 and just wondering if anyone using the SVN
version on a production server processing 10,000
foreach my $rr ($query->answer) {
next unless $rr->type eq "PTR";
return ($rr->rdatastr);
}
} else {
return ($ip);
}
}
HTH,
Steve
Per Jessen wrote:
http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/07-17-2007/0004626829&EDATE=
Justin's response is far better reading:
http://taint.org/2007/07/19/122638a.html
Kind regards,
Steve.
t so good with all of this though. Could
you please explain in more detail what you mean by this statement? What
do you mean by adding a time gap? Perhaps I am asking an obvious
question but I am afraid your statement is not obvious to me.
Thanks,
Steve
>
> {^_^}
> - Original Message -
201 - 300 of 572 matches
Mail list logo
