Noel Butler wrote:
> er you do know that's one of my personal domains (and yes a
> community service one) don't you? sure as heck is not a commercial one,
> no money making on ausics :)
My apologies, I jumped to a conclusion.
> I do use the same approach on the commercial side though, and alw
On Tue, 2012-09-18 at 10:38 -0400, Kris Deugau wrote:
> Noel Butler wrote:
> > On Mon, 2012-09-17 at 10:52 -0400, Kris Deugau wrote:
> >
> >> I see more spam[1] from any one of Hotmail, Yahoo, or GMail than
> >> I do coming through the whole set of email service providers I've
> >> IDed (both
Noel Butler wrote:
> On Mon, 2012-09-17 at 10:52 -0400, Kris Deugau wrote:
>
>> I see more spam[1] from any one of Hotmail, Yahoo, or GMail than
>> I do coming through the whole set of email service providers I've
>> IDed (both email-hosting and bulkmailers) of all stripes.
>>
>> As an ISP mail a
Dave Warren writes:
> On 9/16/2012 1:37 AM, Niamh Holding wrote:
>> Hello Dave,
>>
>> Sunday, September 16, 2012, 8:31:56 AM, you wrote:
>>
>> DW> better filtering by listing them as trusted_networks
>>
>> Better filtering by not scoring them as a known spam source!
>>
>
> Correct me if I'm wron
On Mon, 2012-09-17 at 10:52 -0400, Kris Deugau wrote:
> I see more spam[1] from any one of Hotmail, Yahoo, or GMail than I do
> coming through the whole set of email service providers I've IDed
> (both email-hosting and bulkmailers) of all stripes.
>
> As an ISP mail admin, I **CANNOT** afford t
On Mon, 2012-09-17 at 10:44 -0400, dar...@chaosreigns.com wrote:
> On 09/17, Noel Butler wrote:
> >I'm sure every network running a mail server would like to assume they
> > are
> >100% whitehat too. I see no reason to treat them special, just like gmail
> >who think they are above it
On 09/17, Kris Deugau wrote:
> As an ISP mail admin, I **CANNOT** afford to block legitimate mail
> from any source, and if I see a report that a legitimate mail was
> blocked by any local rules or DNSBL data, I change the local rule or
> delete the offending local DNSBL entry ASAP.
Some times I e
Noel Butler wrote:
> It is the exact same approach we all take and should take to all
> spammers, if mail.foobar.com was hitting you with shitloads of
> spam from someuser.example.com, someotheruser.example.net and so
> on, you take out mail.foobar.com, because THEY are the mongrels
> that con
On 09/17, Noel Butler wrote:
>I'm sure every network running a mail server would like to assume they are
>100% whitehat too. I see no reason to treat them special, just like gmail
>who think they are above it all, I wont include hotmail in that, as they
I suppose you think you're capab
On Sun, 2012-09-16 at 13:30 +0100, Niamh Holding wrote:
> Hello Axb,
>
> Sunday, September 16, 2012, 1:18:59 PM, you wrote:
>
> A> They are 100% whitehat
>
> Why do we see repeat spams from the same customers of theirs? Further
> they never even acknowledge reports of spams from their servers.
On Sun, 2012-09-16 at 14:18 +0200, Axb wrote:
> > why should we treat messagelabs any different, they are no more special
> > than anyone else who connects to you.
>
> Depending on your user base, by blocking MessageLabs you'd miss LOTS of
> corporate mail. A "man & his dog" setup may not see F
On 09/16/2012 02:30 PM, Niamh Holding wrote:
Hello Axb,
Sunday, September 16, 2012, 1:18:59 PM, you wrote:
A> They are 100% whitehat
Why do we see repeat spams from the same customers of theirs? Further
they never even acknowledge reports of spams from their servers.
no idea - but if it's
Hello Axb,
Sunday, September 16, 2012, 1:18:59 PM, you wrote:
A> They are 100% whitehat
Why do we see repeat spams from the same customers of theirs? Further
they never even acknowledge reports of spams from their servers.
--
Best regards,
Niamhmailto:ni...@fullb
On 09/16/2012 01:24 PM, Noel Butler wrote:
On Sun, 2012-09-16 at 01:50 -0600, Dave Warren wrote:
On 9/16/2012 1:37 AM, Niamh Holding wrote:
Hello Dave,
Sunday, September 16, 2012, 8:31:56 AM, you wrote:
DW> better filtering by listing them as trusted_networks
Better filtering by not scoring
On Sun, 2012-09-16 at 01:50 -0600, Dave Warren wrote:
> On 9/16/2012 1:37 AM, Niamh Holding wrote:
> > Hello Dave,
> >
> > Sunday, September 16, 2012, 8:31:56 AM, you wrote:
> >
> > DW> better filtering by listing them as trusted_networks
> >
> > Better filtering by not scoring them as a known spa
Hello Dave,
Sunday, September 16, 2012, 8:50:39 AM, you wrote:
DW> I'm having trouble seeing the downside here, but I might be missing
DW> something obvious...?
DNS blacklist checks will never query for hosts on these networks.
http://spamassassin.apache.org/full/3.1.x/doc/Mail_SpamAssassin_Co
On 9/16/2012 1:37 AM, Niamh Holding wrote:
Hello Dave,
Sunday, September 16, 2012, 8:31:56 AM, you wrote:
DW> better filtering by listing them as trusted_networks
Better filtering by not scoring them as a known spam source!
Correct me if I'm wrong here, but trusted_networks will score them
Hello Dave,
Sunday, September 16, 2012, 8:31:56 AM, you wrote:
DW> better filtering by listing them as trusted_networks
Better filtering by not scoring them as a known spam source!
--
Best regards,
Niamhmailto:ni...@fullbore.co.uk
pgpxUeuRoUUZ0.pgp
Description: P
On 9/16/2012 1:24 AM, Niamh Holding wrote:
Saturday, September 15, 2012, 11:28:03 PM, you wrote:
JH> If you subscribe to mail filtering services from a company like
JH> Messagelabs
But Messagelabs also offer spam sending services to their paying
customers.
Right, but is there any evidence t
Hello John,
Saturday, September 15, 2012, 11:28:03 PM, you wrote:
JH> If you subscribe to mail filtering services from a company like
JH> Messagelabs
But Messagelabs also offer spam sending services to their paying
customers.
--
Best regards,
Niamhmailto:ni...@fu
On Sat, 15 Sep 2012, Lutz Petersen wrote:
It's not a special problem with messagelabs. It's in general a problem
with all of these mass marketing mailers. In my opinion all of these
companies/networks never should be placed in any whitelist.
Point of order: The "trusted hosts" list is _NOT_ a
It's not a special problem with messagelabs. It's in general a problem
with all of these mass marketing mailers. In my opinion all of these
companies/networks never should be placed in any whitelist.
If they get blacklisted, so what? _They_ earn the money, manking has
the pain.
But - also in mo
On Thu, 2012-09-13 at 16:37 +0200, Dave Warren wrote:
> >
> > Niamh summed it up nicely, sent by their clients, using their
> > servers, therefore, Messagelabs servers are emitting spam and IMHO
> > should never ever be whitelisted, ever.
>
>
> While that may well be the case, they're still a
On 9/12/2012 1:53 PM, Noel Butler wrote:
On Mon, 2012-09-10 at 17:58 -0700, John Hardin wrote:
>
> I've seen multiple spam from messagelabs
Multiple spams _sent by_ MessageLabs, or multiple spams that they did not
catch and block? If the latter, that's no reason not to add them to
trusted_netw
On 09/10, Helmut Schneider wrote:
> > > If I understood you correctly I'd need to add all relays of
> > > MessageLabs to trusted_networks and also track any IP address
> > > changes...
> >
> > In theory, you need to do this for all DNSxL lookups.
>
> In practise they all resolve fine to *.message
On Mon, 2012-09-10 at 17:58 -0700, John Hardin wrote:
> >
> > I've seen multiple spam from messagelabs
>
> Multiple spams _sent by_ MessageLabs, or multiple spams that they did not
> catch and block? If the latter, that's no reason not to add them to
> trusted_networks.
>
Niamh summed it up
Hello John,
Tuesday, September 11, 2012, 1:58:51 AM, you wrote:
JH> Multiple spams _sent by_ MessageLabs
Sent by messagelabs customers using the messagelabs servers
--
Best regards,
Niamhmailto:ni...@fullbore.co.uk
pgpYKgjzKSQTO.pgp
Description: PGP signature
Hello Helmut,
Monday, September 10, 2012, 7:34:31 PM, you wrote:
HS> MessageLabs
That well know source of spam!
--
Best regards,
Niamhmailto:ni...@fullbore.co.uk
pgprarNY0FTUL.pgp
Description: PGP signature
On 9/10/12 7:36 PM, "Noel Butler" wrote:
>I wouldn't.
>
>I've seen multiple spam from messagelabs
As I understand it, trusted_networks doesn't mean "networks you trust not
to send spam;" rather, it means "networks you trust not to have forged
their Received: headers." Adding the messagelabs serv
On Tue, 11 Sep 2012, Noel Butler wrote:
On Mon, 2012-09-10 at 18:34 +, Helmut Schneider wrote:
If I understood you correctly I'd need to add all relays of MessageLabs
to trusted_networks and also track any IP address changes...
I wouldn't.
I've seen multiple spam from messagelabs
Mult
On Mon, 2012-09-10 at 18:34 +, Helmut Schneider wrote:
> If I understood you correctly I'd need to add all relays of MessageLabs
> to trusted_networks and also track any IP address changes...
>
I wouldn't.
I've seen multiple spam from messagelabs
signature.asc
Description: This is a di
Helmut Schneider wrote:
> Kris Deugau wrote:
>
> > Helmut Schneider wrote:
> > but if their support refuses to tell you, I'd be looking at
> > switching providers
>
> I guess they would if they knew themselves. But project "switch" is
> ongoing... :)
http://images.messagelabs.com/EmailResources
Matthias Leisi wrote:
> On Mon, Sep 10, 2012 at 8:34 PM, Helmut Schneider
> wrote:
>
> >> It looks like RCVD_IN_DNSWL_MED examines "firstuntrusted" and if he
> >> trusts his MX/relays correctly then this shouldn't be happening.
>
> In general, setting up the trustpath correctly is sufficient.
>
Kris Deugau wrote:
> Helmut Schneider wrote:
> > If I understood you correctly I'd need to add all relays of
> > MessageLabs to trusted_networks and also track any IP address
> > changes...
>
> If you don't have that info, and their support refuses to tell you,
> tailing your inbound logs for a w
On Mon, Sep 10, 2012 at 8:34 PM, Helmut Schneider wrote:
>> It looks like RCVD_IN_DNSWL_MED examines "firstuntrusted" and if he
>> trusts his MX/relays correctly then this shouldn't be happening.
In general, setting up the trustpath correctly is sufficient.
> If I understood you correctly I'd n
Helmut Schneider wrote:
> If I understood you correctly I'd need to add all relays of MessageLabs
> to trusted_networks and also track any IP address changes...
If you're using them as your primary spam filter provider, you should
have information somewhere on which IP block(s) your mail will go
t
Dave Funk wrote:
> On Mon, 10 Sep 2012, John Hardin wrote:
>
> > On Mon, 10 Sep 2012, Helmut Schneider wrote:
> >
> > > Short story:
> > > Can I exclude hosts from RCVD_IN_DNSWL_LOW/MED/HI?
> > >
> > > Long story:
> > > We are using an external provider to filter SPAM. We also use SA
> > > inte
John Hardin wrote:
> On Mon, 10 Sep 2012, Helmut Schneider wrote:
>
> > Short story:
> > Can I exclude hosts from RCVD_IN_DNSWL_LOW/MED/HI?
> >
> > Long story:
> > We are using an external provider to filter SPAM. We also use SA
> > internally. Sometimes mails are not recognized as SPAM external
Dave Funk wrote:
> If he's got his "trusted_networks" configured correctly (has his MX/relays
> listed) shouldn't that take care of the problem?
>
> It looks like RCVD_IN_DNSWL_MED examines "firstuntrusted" and if he trusts
> his MX/relays correctly then this shouldn't be happening.
Yes, exactly.
On Mon, 10 Sep 2012, John Hardin wrote:
On Mon, 10 Sep 2012, Helmut Schneider wrote:
Short story:
Can I exclude hosts from RCVD_IN_DNSWL_LOW/MED/HI?
Long story:
We are using an external provider to filter SPAM. We also use SA
internally. Sometimes mails are not recognized as SPAM externally a
On Mon, 10 Sep 2012, Helmut Schneider wrote:
Short story:
Can I exclude hosts from RCVD_IN_DNSWL_LOW/MED/HI?
Long story:
We are using an external provider to filter SPAM. We also use SA
internally. Sometimes mails are not recognized as SPAM externally and
forwarded to SA. The mailrelays of the
Hi,
Short story:
Can I exclude hosts from RCVD_IN_DNSWL_LOW/MED/HI?
Long story:
We are using an external provider to filter SPAM. We also use SA
internally. Sometimes mails are not recognized as SPAM externally and
forwarded to SA. The mailrelays of the external provider are listed in
RCVD_IN_DNS
42 matches
Mail list logo