Re: ATT RBL f---wits

2023-11-29 Thread Matus UHLAR - fantomas
On 29/11/2023 00:51, Tracy Greggs via users wrote: Cableone is SOA on this zone, so they are the issue. You can ask them to create a PTR for your static IP and hope for the best. Most I have dealt with will do it as long as it's a commercial account. On 29.11.23 07:24, Noel Butler wrote: As

Re: ATT RBL f---wits

2023-11-28 Thread Curtis Maurand
On 11/27/23 16:31, Philip Prindeville wrote: We're being blacklisted by att.net with the following message: (reason: 550 5.7.1 Connections not accepted from servers without a valid sender domain.flph840 Fix reverse DNS for 24.116.100.90) I don't know what the hell is up with these pinhe

Re: ATT RBL f---wits

2023-11-28 Thread Noel Butler
On 29/11/2023 00:51, Tracy Greggs via users wrote: Cableone is SOA on this zone, so they are the issue. You can ask them to create a PTR for your static IP and hope for the best. Most I have dealt with will do it as long as it's a commercial account. As I pointed out - but failed to copy/p

Re: ATT RBL f---wits

2023-11-28 Thread Tracy Greggs via users
" To users@spamassassin.apache.org Date 11/27/2023 3:31:52 PM Subject ATT RBL f---wits

Re: ATT RBL f---wits

2023-11-27 Thread Noel Butler
On 28/11/2023 08:59, Noel Butler wrote: ~$ host 24.116.100.90 ;; connection timed out; no servers could be reached Seems like AT&T *ARE* doing the correct thing and it is *YOU* with the problem. before you start calling others f'wits do better investigation, a dig trace indicates root server

Re: ATT RBL f---wits

2023-11-27 Thread Noel Butler
~$ host 24.116.100.90 ;; connection timed out; no servers could be reached Seems like AT&T *ARE* doing the correct thing and it is *YOU* with the problem. before you start calling others f'wits do better investigation, a dig trace indicates root servers don't know you. On 28/11/2023 07:31, Ph

Re: ATT RBL f---wits

2023-11-27 Thread Bill Cole
On 2023-11-27 at 16:31:52 UTC-0500 (Mon, 27 Nov 2023 14:31:52 -0700) Philip Prindeville is rumored to have said: We're being blacklisted by att.net with the following message: (reason: 550 5.7.1 Connections not accepted from servers without a valid sender domain.flph840 Fix reverse DNS for

ATT RBL f---wits

2023-11-27 Thread Philip Prindeville
We're being blacklisted by att.net with the following message: (reason: 550 5.7.1 Connections not accepted from servers without a valid sender domain.flph840 Fix reverse DNS for 24.116.100.90) I don't know what the hell is up with these pinheads: philipp@ubuntu22:~$ dig -tmx redfish-solution

RE: rbl for smtp auth hosts

2023-09-16 Thread Marc
> >> >>Anyone have any experience with a dns blacklist specific to known smtp > >> >>auth abuse? > > >> On 15.09.23 17:51, Benny Pedersen wrote: > >> >spamrats ? > >> > > >> >https://www.spamrats.com/ > > >> I have bad experience with spam rats and thus wouldn't recommend using > >> them. > >> YM

Re: rbl for smtp auth hosts

2023-09-16 Thread Matus UHLAR - fantomas
>Marc skrev den 2023-09-15 17:01: >>Anyone have any experience with a dns blacklist specific to known smtp >>auth abuse? On 15.09.23 17:51, Benny Pedersen wrote: >spamrats ? > >https://www.spamrats.com/ I have bad experience with spam rats and thus wouldn't recommend using them. YMMV of cour

Re: rbl for smtp auth hosts

2023-09-16 Thread Benny Pedersen
Marc skrev den 2023-09-15 23:57: >Marc skrev den 2023-09-15 17:01: >>Anyone have any experience with a dns blacklist specific to known smtp >>auth abuse? On 15.09.23 17:51, Benny Pedersen wrote: >spamrats ? > >https://www.spamrats.com/ I have bad experience with spam rats and thus wouldn't reco

RE: rbl for smtp auth hosts

2023-09-15 Thread Marc
> >Marc skrev den 2023-09-15 17:01: > >>Anyone have any experience with a dns blacklist specific to known smtp > >>auth abuse? > > On 15.09.23 17:51, Benny Pedersen wrote: > >spamrats ? > > > >https://www.spamrats.com/ > > I have bad experience with spam rats and thus wouldn't recommend using > t

Re: rbl for smtp auth hosts

2023-09-15 Thread Matus UHLAR - fantomas
Marc skrev den 2023-09-15 17:01: Anyone have any experience with a dns blacklist specific to known smtp auth abuse? On 15.09.23 17:51, Benny Pedersen wrote: spamrats ? https://www.spamrats.com/ I have bad experience with spam rats and thus wouldn't recommend using them. YMMV of course. --

RE: rbl for smtp auth hosts

2023-09-15 Thread Marc
> > Anyone have any experience with a dns blacklist specific to known smtp > > auth abuse? > > spamrats ? > > https://www.spamrats.com/ yes thanks! this RATS-Auth maybe

Re: rbl for smtp auth hosts

2023-09-15 Thread Benny Pedersen
Riccardo Alfieri skrev den 2023-09-15 18:23: On 15/09/23 17:51, Reindl Harald (privat) wrote: limit the connections per hour on smtp-ports with iptables xt_recent and configure postfix properly anvil_rate_time_unit   = 1800s smtpd_client_connection_rate_limit = 100 smtpd_client_re

Re: rbl for smtp auth hosts

2023-09-15 Thread Riccardo Alfieri
On 15/09/23 17:51, Reindl Harald (privat) wrote: limit the connections per hour on smtp-ports with iptables xt_recent and configure postfix properly anvil_rate_time_unit   = 1800s smtpd_client_connection_rate_limit = 100 smtpd_client_recipient_rate_limit  = 400 smtpd_client_message

Re: rbl for smtp auth hosts

2023-09-15 Thread Riccardo Alfieri
On 15/09/23 17:49, Marc wrote: Is this a freely available list? It's included in all DQS accounts, free ones too -- Best regards, Riccardo Alfieri Spamhaus Technology https://www.spamhaus.com/

Re: rbl for smtp auth hosts

2023-09-15 Thread Benny Pedersen
Marc skrev den 2023-09-15 17:01: Anyone have any experience with a dns blacklist specific to known smtp auth abuse? spamrats ? https://www.spamrats.com/

RE: rbl for smtp auth hosts

2023-09-15 Thread Marc
> > > > > On 15.09.23 15:31, Riccardo Alfieri wrote: > >> Yes, at previous $dayjob. Applied on the submission MSA, it proved to > >> be useful in mitigating the fallout when users got their credentials > >> compromised. > > > > can you describe it more? > > > Well, I checked the connecting IP of

Re: rbl for smtp auth hosts

2023-09-15 Thread Riccardo Alfieri
On 15/09/23 17:35, Matus UHLAR - fantomas wrote: On 15.09.23 15:31, Riccardo Alfieri wrote: Yes, at previous $dayjob. Applied on the submission MSA, it proved to be useful in mitigating the fallout when users got their credentials compromised. can you describe it more? Well, I checked the

Re: rbl for smtp auth hosts

2023-09-15 Thread Matus UHLAR - fantomas
On 15/09/23 17:01, Marc wrote: Anyone have any experience with a dns blacklist specific to known smtp auth abuse? On 15.09.23 15:31, Riccardo Alfieri wrote: Yes, at previous $dayjob. Applied on the submission MSA, it proved to be useful in mitigating the fallout when users got their credentia

Re: rbl for smtp auth hosts

2023-09-15 Thread Riccardo Alfieri
On 15/09/23 17:01, Marc wrote: Anyone have any experience with a dns blacklist specific to known smtp auth abuse? Yes, at previous $dayjob. Applied on the submission MSA, it proved to be useful in mitigating the fallout when users got their credentials compromised. -- Best regards, Riccardo

rbl for smtp auth hosts

2023-09-15 Thread Marc
Anyone have any experience with a dns blacklist specific to known smtp auth abuse?

Re: OFF-TOPIC ANNOUNCE: KAM Ruleset Turning PCCC Wild RBL Back On

2023-03-23 Thread Pedro David Marco via users
With all respects, i agree with Bill... but suppose just Bill is wrong...  Kam rules are free and show really huge quality, what is wrong about gently ask for cooperation if used in a commercial way? KAM++ Pedro. On Tuesday, March 21, 2023 at 06:18:38 PM GMT+1, Bill Cole wrote: On 20

Re: OFF-TOPIC ANNOUNCE: KAM Ruleset Turning PCCC Wild RBL Back On

2023-03-21 Thread Bill Cole
On 2023-03-21 at 12:52:16 UTC-0400 (Tue, 21 Mar 2023 17:52:16 +0100) Benny Pedersen is rumored to have said: Kevin A. McGrail skrev den 2023-03-21 17:27: https://mcgrail.com/template/donate you know the rules to post commericial postings to public free maillists ?, What rules exactly are

Re: OFF-TOPIC ANNOUNCE: KAM Ruleset Turning PCCC Wild RBL Back On

2023-03-21 Thread Benny Pedersen
Kevin A. McGrail skrev den 2023-03-21 17:27: https://mcgrail.com/template/donate you know the rules to post commericial postings to public free maillists ?, rspamd did this abuse aswell, now thay have only non free irc support, and telegram more talk about linode ? :) mx ~ # dig -4 +short

OFF-TOPIC ANNOUNCE: KAM Ruleset Turning PCCC Wild RBL Back On

2023-03-21 Thread Kevin A. McGrail
Hello All, I am pleased to announce that users of the KAM ruleset will once again have the free use of the PCCC Wild RBL. The RBL was previously removed from use due to its popularity. Thanks go to Linode.com for donating the servers and as always thanks to PCCC for the datafeed. The KAM

Re: AuthRes plugin (replay RBL queries one hour later)

2023-03-02 Thread Matus UHLAR - fantomas
Matus UHLAR - fantomas skrev den 2023-03-02 11:50: Authres plugin should only parse Authentication-Results: headers, not signatures themselves. other plugins should be able to use data provided by this plugin. On 02.03.23 12:55, Benny Pedersen wrote: +1 funny you provided an eval that worked

Re: AuthRes plugin (replay RBL queries one hour later)

2023-03-02 Thread Benny Pedersen
giova...@paclan.it skrev den 2023-03-02 12:53: how ?, this code works without authres enabled as i see it if DKIM fails but ARC passes DMARC policy could be overriden, this part doesn't work. ah okay got it eval should not be done in dkim but moved to authres so, and results metadata used

Re: AuthRes plugin (replay RBL queries one hour later)

2023-03-02 Thread Benny Pedersen
Matus UHLAR - fantomas skrev den 2023-03-02 11:50: Authres plugin should only parse Authentication-Results: headers, not signatures themselves. other plugins should be able to use data provided by this plugin. +1 funny you provided an eval that worked ? :) have you seen ARC_VALID or ARC_SIGN

Re: AuthRes plugin (replay RBL queries one hour later)

2023-03-02 Thread giovanni
check_awl: 1.95 (0.1%), update_awl: 1.92 (0.1%), rewrite_mail: 0.00 (0.0%) Content analysis details:   (-2.8 points, 5.0 required)  pts rule name  description -- -- -0.0 RCVD_IN_MSPIKE_H2  RBL: Average

Re: AuthRes plugin (replay RBL queries one hour later)

2023-03-02 Thread giovanni
On 3/2/23 11:50, Matus UHLAR - fantomas wrote: On Wed, Mar 01, 2023 at 09:56:56AM +0100, Matus UHLAR - fantomas wrote: I have SA 4.0 installed and Mail::SpamAssassin::Plugin::AuthRes available. However, I don't see AuthRes plugin mention in .pre files nor in SA rules. Henrik K skrev den 2023-

Re: AuthRes plugin (replay RBL queries one hour later)

2023-03-02 Thread Benny Pedersen
rule name description -- -- -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [94.237.105.223 listed in wl.mailspike.net] -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www

Re: AuthRes plugin (replay RBL queries one hour later)

2023-03-02 Thread Matus UHLAR - fantomas
On Wed, Mar 01, 2023 at 09:56:56AM +0100, Matus UHLAR - fantomas wrote: I have SA 4.0 installed and Mail::SpamAssassin::Plugin::AuthRes available. However, I don't see AuthRes plugin mention in .pre files nor in SA rules. Henrik K skrev den 2023-03-01 10:28: Because it's experimental and unfi

Re: AuthRes plugin (replay RBL queries one hour later)

2023-03-02 Thread giovanni
On 3/1/23 14:30, Benny Pedersen wrote: Henrik K skrev den 2023-03-01 10:28: On Wed, Mar 01, 2023 at 09:56:56AM +0100, Matus UHLAR - fantomas wrote: I have SA 4.0 installed and Mail::SpamAssassin::Plugin::AuthRes available. However, I don't see AuthRes plugin mention in .pre files nor in SA rule

Re: AuthRes plugin (replay RBL queries one hour later)

2023-03-01 Thread Henrik K
On Wed, Mar 01, 2023 at 04:46:27PM +0100, Matus UHLAR - fantomas wrote: > > 1. "header.a=rsa-sha256" and "header.s=hege2" options in > Authentication-Results: for dkim where "a" contains algorithm and "s" the > used selector. > > 2. unknown "arc" Authentication-Results: header > > removing menti

Re: AuthRes plugin (replay RBL queries one hour later)

2023-03-01 Thread Matus UHLAR - fantomas
Matus UHLAR - fantomas skrev den 2023-03-01 15:40: so, if your mail doesn't get delivered within 1.5 seconds and the DKIM signature expires on the fly, the mail gets dropped from mail server? On 01.03.23 16:33, Benny Pedersen wrote: no, aligned spf pass from facebook, and even on unaligned i do

Re: AuthRes plugin (replay RBL queries one hour later)

2023-03-01 Thread Matus UHLAR - fantomas
On 01.03.23 11:55, Henrik K wrote: Bah, I think it was tested as atleast working without errors. I'll have a look.. On 01.03.23 11:04, Matus UHLAR - fantomas wrote: yes, it's working at least partly: Authentication-Results: fantomas.fantomas.sk; dmarc=none (p=none dis=none) header.from=hege

Re: AuthRes plugin (replay RBL queries one hour later)

2023-03-01 Thread Benny Pedersen
Matus UHLAR - fantomas skrev den 2023-03-01 15:40: so, if your mail doesn't get delivered within 1.5 seconds and the DKIM signature expires on the fly, the mail gets dropped from mail server? no, aligned spf pass from facebook, and even on unaligned i do not reject dkim fails, this is a job f

Re: AuthRes plugin (replay RBL queries one hour later)

2023-03-01 Thread Matus UHLAR - fantomas
Matus UHLAR - fantomas skrev den 2023-03-01 09:56: I hope these senders expire their e-mail 1.5 hours after sending... On 01.03.23 13:35, Benny Pedersen wrote: facebook can do it in 1.5 sekunds :) so, if your mail doesn't get delivered within 1.5 seconds and the DKIM signature expires on th

Re: AuthRes plugin (replay RBL queries one hour later)

2023-03-01 Thread Benny Pedersen
Matus UHLAR - fantomas skrev den 2023-03-01 10:50: . Mar 1 10:47:17.689 [19813] warn: Use of uninitialized value $result in string eq at /usr/share/perl5/Mail/SpamAssassin/Plugin/AuthRes.pm line 302. spamassassin --version ? aurhres was in 3.4.6 aswell is why i ask authres in 4.0.0 does imho

Re: AuthRes plugin (replay RBL queries one hour later)

2023-03-01 Thread Benny Pedersen
Henrik K skrev den 2023-03-01 10:28: On Wed, Mar 01, 2023 at 09:56:56AM +0100, Matus UHLAR - fantomas wrote: I have SA 4.0 installed and Mail::SpamAssassin::Plugin::AuthRes available. However, I don't see AuthRes plugin mention in .pre files nor in SA rules. Because it's experimental and unfin

Re: AuthRes plugin (replay RBL queries one hour later)

2023-03-01 Thread Benny Pedersen
Matus UHLAR - fantomas skrev den 2023-03-01 09:56: I hope these senders expire their e-mail 1.5 hours after sending... facebook can do it in 1.5 sekunds :) This should be avoidable by using opendkim at SMTP time, and using Mail::SpamAssassin::Plugin::AuthRes plugin in the way that DKIM rules

Re: AuthRes plugin (replay RBL queries one hour later)

2023-03-01 Thread Matus UHLAR - fantomas
On 01.03.23 11:55, Henrik K wrote: Bah, I think it was tested as atleast working without errors. I'll have a look.. yes, it's working at least partly: Authentication-Results: fantomas.fantomas.sk; dmarc=none (p=none dis=none) header.from=hege.li Authentication-Results: fantomas.fantomas.sk;

Re: AuthRes plugin (replay RBL queries one hour later)

2023-03-01 Thread Henrik K
On Wed, Mar 01, 2023 at 10:50:02AM +0100, Matus UHLAR - fantomas wrote: > > On Wed, Mar 01, 2023 at 09:56:56AM +0100, Matus UHLAR - fantomas wrote: > > > I have SA 4.0 installed and Mail::SpamAssassin::Plugin::AuthRes available. > > > > > > However, I don't see AuthRes plugin mention in .pre files

Re: AuthRes plugin (replay RBL queries one hour later)

2023-03-01 Thread Matus UHLAR - fantomas
On Wed, Mar 01, 2023 at 09:56:56AM +0100, Matus UHLAR - fantomas wrote: I have SA 4.0 installed and Mail::SpamAssassin::Plugin::AuthRes available. However, I don't see AuthRes plugin mention in .pre files nor in SA rules. On 01.03.23 11:28, Henrik K wrote: Because it's experimental and unfini

Re: AuthRes plugin (replay RBL queries one hour later)

2023-03-01 Thread Henrik K
On Wed, Mar 01, 2023 at 09:56:56AM +0100, Matus UHLAR - fantomas wrote: > > I have SA 4.0 installed and Mail::SpamAssassin::Plugin::AuthRes available. > > However, I don't see AuthRes plugin mention in .pre files nor in SA rules. Because it's experimental and unfinished. > I will try to load it

AuthRes plugin (replay RBL queries one hour later)

2023-03-01 Thread Matus UHLAR - fantomas
Rob McEwen wrote: All I know for sure is this - for MANY legit emails - DKIM fails some days later On 28.02.23 12:52, Kris Deugau wrote: Hours. I've recently learned about this, in the context of trying to welcomelist legitimate senders. A 2-hour validity window for the DKIM signature is p

Re: replay RBL queries one hour later

2023-02-28 Thread Kris Deugau
Rob McEwen wrote: Benny, All I know for sure is this - for MANY legit emails - DKIM fails some days later Hours. I've recently learned about this, in the context of trying to welcomelist legitimate senders. A 2-hour validity window for the DKIM signature is pretty common. :( - when it

Re: replay RBL queries one hour later

2023-02-26 Thread hg user
Thank you to everybody that replied to my request. I knew I was not clear in my message... :-)) sorry about it. I have 2 paid RBL (so I don't care about number of queries) at the frontier MTA. These RBLs reject a ton of connections and so the number of messages reaching SA is already re

Re: replay RBL queries one hour later

2023-02-26 Thread Benny Pedersen
Rob McEwen skrev den 2023-02-26 19:45: Benny, All I know for sure is this - for MANY legit emails - DKIM fails some days later - when it had originally worked/validated at the time the message was sent. when i begined dkim signing i did that tought why would it be valid after delivery, could

Re: replay RBL queries one hour later

2023-02-26 Thread Rob McEwen
/updated. But whatever the cause, this is STILL a reality that's worth noting, for anyone who is rescanning messages later. Rob McEwen, invaluement -- Original Message -- From "Benny Pedersen" To users@spamassassin.apache.org Date 2/26/2023 1:37:53 PM Subject Re: rep

Re: replay RBL queries one hour later

2023-02-26 Thread Benny Pedersen
Rob McEwen skrev den 2023-02-26 19:03: ... sent. This can lead to many egregious false positives. But doing this "one hour later" shouldn't have this problem. message-id is timebased, so why invalidate it ? :) i did that mistake on not dkim sign that header in that regard i now have 2048 kbi

Re: replay RBL queries one hour later

2023-02-26 Thread Rob McEwen
Something to keep in mind about this idea of rescanning messages later - once more anti-spam data is available - for use in training/reporting spams - this probably should NOT be done days later because SOME senders aggressively expire/recycle DKIM dns records. I guess that is to minimize the a

Re: replay RBL queries one hour later

2023-02-26 Thread Bill Cole
On 2023-02-25 at 09:34:52 UTC-0500 (Sat, 25 Feb 2023 15:34:52 +0100) hg user is rumored to have said: The last time I was hit by a not-recognized phishing campaign, no Ips nor domains were present in RBL. When I took action one hour later I found that several of them were listed. So my idea

Re: replay RBL queries one hour later

2023-02-25 Thread John Hardin
On Sat, 25 Feb 2023, hg user wrote: The last time I was hit by a not-recognized phishing campaign, no Ips nor domains were present in RBL. When I took action one hour later I found that several of them were listed. So my idea is; is it possible to replay the queries one/two hours later

Re: replay RBL queries one hour later

2023-02-25 Thread Matus UHLAR - fantomas
On 25.02.23 15:34, hg user wrote: The last time I was hit by a not-recognized phishing campaign, no Ips nor domains were present in RBL. When I took action one hour later I found that several of them were listed. So my idea is; is it possible to replay the queries one/two hours later? you can

replay RBL queries one hour later

2023-02-25 Thread hg user
The last time I was hit by a not-recognized phishing campaign, no Ips nor domains were present in RBL. When I took action one hour later I found that several of them were listed. So my idea is; is it possible to replay the queries one/two hours later? I envision two methods: - logging the

Re: excluding specific RBL checks

2023-01-09 Thread joe a
On 1/9/2023 3:55 AM, Matus UHLAR - fantomas wrote: Until I can get around to updating I'm considering just nuking the actual tests from the ruleset. Much easier and reliable way: dns_query_restriction deny spamhaus.org Charles Sprickman skrev den 2023-01-09 08:04: Trying this on half the pai

Re: excluding specific RBL checks

2023-01-09 Thread Matus UHLAR - fantomas
Until I can get around to updating I'm considering just nuking the actual tests from the ruleset. Much easier and reliable way: dns_query_restriction deny spamhaus.org Charles Sprickman skrev den 2023-01-09 08:04: Trying this on half the pair, I assume this hits all subdomains of spamhaus.or

Re: excluding specific RBL checks

2023-01-09 Thread Benny Pedersen
Charles Sprickman skrev den 2023-01-09 08:04: Until I can get around to updating I'm considering just nuking the actual tests from the ruleset. Much easier and reliable way: dns_query_restriction deny spamhaus.org Trying this on half the pair, I assume this hits all subdomains of spamhaus.o

Re: excluding specific RBL checks

2023-01-08 Thread Charles Sprickman
> On Jan 8, 2023, at 10:35 PM, Henrik K wrote: > > On Sun, Jan 08, 2023 at 04:23:11PM -0500, Charles Sprickman wrote: >> What did you end up with? >> >> I have a bunch of zero rules for these yet still keep getting the >> "administrative notice" from sbl/zen. >> >> The fact that those guys

Re: excluding specific RBL checks

2023-01-08 Thread Charles Sprickman
> On Jan 8, 2023, at 10:44 PM, joe a wrote: > > On 1/8/2023 4:23 PM, Charles Sprickman wrote: >> What did you end up with? > > score RCVD_IN_ZEN_BLOCKED_OPENDNS 0 > > I am not certain if that stops the test or simply reporting of the message. > Looks like I will need to do some packet captu

Re: excluding specific RBL checks

2023-01-08 Thread joe a
On 1/8/2023 10:35 PM, Henrik K wrote: On Sun, Jan 08, 2023 at 04:23:11PM -0500, Charles Sprickman wrote: . . . # remove spamhaus tests,. . . score RCVD_IN_SBL 0 score RCVD_IN_XBL 0 score RCVD_IN_PBL 0 score URIBL_SBL 0 score URIBL_CSS 0 score URIBL_SBL_A 0. . . Much easier and reliable way: d

Re: excluding specific RBL checks

2023-01-08 Thread joe a
kely I just allowed myself to be misled, "chaff". and all related plugins Yet I still see this while "skip_rbl_checks 1" (in both above scenarios): clear your config :) "RCVD_IN_ZEN_BLOCKED_OPENDNS RBL: ADMINISTRATOR NOTICE:" Which suggests that one runs despit

Re: excluding specific RBL checks

2023-01-08 Thread joe a
On 1/8/2023 4:23 PM, Charles Sprickman wrote: What did you end up with? score RCVD_IN_ZEN_BLOCKED_OPENDNS 0 I am not certain if that stops the test or simply reporting of the message. Looks like I will need to do some packet capture after all. I have a bunch of zero rules for these yet st

Re: excluding specific RBL checks

2023-01-08 Thread joe a
e docs, or, one is expected to infer the "score" word. Yet I still see this while "skip_rbl_checks 1" (in both above scenarios): "RCVD_IN_ZEN_BLOCKED_OPENDNS RBL: ADMINISTRATOR NOTICE:" Which suggests that one runs despite the directive or, I am using the wron

Re: excluding specific RBL checks

2023-01-08 Thread Henrik K
On Sun, Jan 08, 2023 at 04:23:11PM -0500, Charles Sprickman wrote: > What did you end up with? > > I have a bunch of zero rules for these yet still keep getting the > "administrative notice" from sbl/zen. > > The fact that those guys don't just send out a "yes, this is on by default in > spamas

Re: excluding specific RBL checks

2023-01-08 Thread Benny Pedersen
Charles Sprickman skrev den 2023-01-08 22:23: What did you end up with? I have a bunch of zero rules for these yet still keep getting the "administrative notice" from sbl/zen. The fact that those guys don't just send out a "yes, this is on by default in spamassassin, here is copy pasta to turn

Re: excluding specific RBL checks

2023-01-08 Thread Benny Pedersen
" (in both above scenarios): clear your config :) "RCVD_IN_ZEN_BLOCKED_OPENDNS RBL: ADMINISTRATOR NOTICE:" Which suggests that one runs despite the directive or, I am using the wrong one. make /etc/resolv.conf only have nameserver 127.0.0.1 and you ether have bind, unbound, pdns-recursor as of your own choise still problems ?, lets hear them

Re: excluding specific RBL checks

2023-01-08 Thread Charles Sprickman
>> to not run those tests. >> Placing "score" at the beginning of the line makes lint happy and SA seems >> to start fine and also does not run those tests. >> So, one assumes it is a typo in the docs, or, one is expected to infer the >> "score" wor

Re: excluding specific RBL checks

2023-01-08 Thread joe a
fer the "score" word. Yet I still see this while "skip_rbl_checks 1" (in both above scenarios): "RCVD_IN_ZEN_BLOCKED_OPENDNS RBL: ADMINISTRATOR NOTICE:" Which suggests that one runs despite the directive or, I am using the wrong one. And the answer to the latter is "I had the wrong directive". Which is obvious. Now.

excluding specific RBL checks

2023-01-08 Thread joe a
" word. Yet I still see this while "skip_rbl_checks 1" (in both above scenarios): "RCVD_IN_ZEN_BLOCKED_OPENDNS RBL: ADMINISTRATOR NOTICE:" Which suggests that one runs despite the directive or, I am using the wrong one.

Re: RBL timeouts

2022-12-02 Thread Bill Cole
On 2022-12-02 at 08:04:40 UTC-0500 (Fri, 2 Dec 2022 08:04:40 -0500) Alex is rumored to have said: Hi, Is anyone (everyone?) also experiencing DNS timeouts with barracuda? Chonically, for years, until I gave up on them. Not worthy of production use. 02-Dec-2022 07:03:02.229 query-errors:

Re: RBL timeouts

2022-12-02 Thread Benny Pedersen
Alex skrev den 2022-12-02 14:04: Any bind experts know of a way to record which nameserver is timing out so I can perhaps exclude them? Any idea why it wouldn't just rotate to the next one, or even how to confirm whether it's doing that? you are using 1: rbls not default in spamassassin 2: no

RBL timeouts

2022-12-02 Thread Alex
Hi, Is anyone (everyone?) also experiencing DNS timeouts with barracuda? 02-Dec-2022 07:03:02.229 query-errors: client @0x7fd19d26c968 127.0.0.1#37098 (168.22.111.13.bb.barracudacentral.org): query failed (timed out) for 168.22.111.13.bb.barracudacentral.org/IN/A at ../../../lib/ns/query.c:7729 0

Re: RBL via Spamassasin configuration

2022-06-29 Thread Bill Cole
META: The message below seems to be a reply to a message by Harald Reindl, who was blocked from posting to this mailing list in the past for chronic unreasonably combative behavior. Unfortunately, there's no way to stop him from reading this mailing list via any of the public archives or a 's

Re: RBL via Spamassasin configuration

2022-06-29 Thread Matus UHLAR - fantomas
On 2022-06-29 10:25, Matus UHLAR - fantomas wrote: Since SpamAssassin does deep header scanning, it's more effective than just use incoming IP at MTA level. On 29.06.22 10:58, Benny Pedersen wrote: this is not good, its a sign of forwarding that forwards spam in the first place, that make the

Re: RBL via Spamassasin configuration

2022-06-29 Thread Benny Pedersen
On 2022-06-29 11:05, Marc wrote: I don't really get what you wrote. There is something for blocking at ip level, least resource intensive, and there is an application for doing the advanced header/body scans at a later stage. dont use deap ip scanning on dnsbl use deap content scanning is ok,

RE: RBL via Spamassasin configuration

2022-06-29 Thread Marc
> > On 2022-06-29 10:25, Matus UHLAR - fantomas wrote: > > Since SpamAssassin does deep header scanning, it's more effective than > > just use incoming IP at MTA level. > > this is not good, its a sign of forwarding that forwards spam in the > first place, that make the forwarding ip grey, not wh

Re: RBL via Spamassasin configuration

2022-06-29 Thread Benny Pedersen
On 2022-06-29 10:25, Matus UHLAR - fantomas wrote: Since SpamAssassin does deep header scanning, it's more effective than just use incoming IP at MTA level. this is not good, its a sign of forwarding that forwards spam in the first place, that make the forwarding ip grey, not white/wellcommed,

Re: RBL via Spamassasin configuration

2022-06-29 Thread Matus UHLAR - fantomas
Is this actually going out and doing a DNS query or reading from the header of the message? I think I want to actually do the DNS query and I will cache locally to avoid issues and increase performance. That is what dns servers do, cache. If you have your local dns, these requests are probably

Re: RBL via Spamassasin configuration

2022-06-28 Thread Benny Pedersen
On 2022-06-29 02:56, Joey J wrote: Hello All, not sure where I'm going wrong. in my custom.cf [3] I have #RBL's header RCVD_IN_ZENSPAMHAUS eval:check_rbl('zenspamhaus-lastexternal', 'zen.spamhaus.org.') describe RCVD_IN_ZENSPAMHAUS Relay is listed in zen.spamhaus.org [4] tflags RCVD_IN_ZENSPAMH

Re: RBL via Spamassasin configuration

2022-06-28 Thread Benny Pedersen
On 2022-06-28 23:22, Marc wrote: If you conclude something based on some month, there is no going back on this. I know people in IT that did not learn anything in 15 years. As for now, I am not really convinced by your arguments. Subject RE: RBL via Spamassasin configuration FromMarc To

Re: RBL via Spamassasin configuration

2022-06-28 Thread Joey J
Hello All, not sure where I'm going wrong. in my custom.cf I have #RBL's header RCVD_IN_ZENSPAMHAUS eval:check_rbl('zenspamhaus-lastexternal', 'zen.spamhaus.org.') describe RCVD_IN_ZENSPAMHAUS Relay is listed in zen.spamhaus.org tflags RCVD_IN_ZENSPAMHAUS net score RCVD_IN_ZENSPAMHAUS 5.0 if I qu

Re: RBL via Spamassasin configuration

2022-06-28 Thread Joey J
Thank you, this makes sense, I will look through the mentioned resource. On Tue, Jun 28, 2022 at 5:28 PM Bill Cole < sausers-20150...@billmail.scconsult.com> wrote: > On 2022-06-28 at 14:38:16 UTC-0400 (Tue, 28 Jun 2022 14:38:16 -0400) > Joey J > is rumored to have said: > > > Hello All, > > > >

RE: RBL via Spamassasin configuration

2022-06-28 Thread Marc
> biggest nonsense at all when it comes to spammes given that i added some > hundrets addresses never existed to collect the bodies for trainign and > for the outisde world they are still rejects (milter) How is the guessing of existing email addresses relevant to the current discussion?

Re: RBL via Spamassasin configuration

2022-06-28 Thread Bill Cole
On 2022-06-28 at 14:38:16 UTC-0400 (Tue, 28 Jun 2022 14:38:16 -0400) Joey J is rumored to have said: Hello All, In trying to setup RBL's with SA, I wanted to make sure the proper way to do it. I have seen some samples like this header RCVD_IN_BARRACUDACEN eval:check_rbl('bbarracuda-lastexter

RE: RBL via Spamassasin configuration

2022-06-28 Thread Marc
> BTW: "spammers also strife to optimize the usage of their resources" > shows that you know little to nothing! > > they are using infected machines all over they world > > that bot's are running completly without any feedback because it would > make it possible to track the origin > > even

RE: RBL via Spamassasin configuration

2022-06-28 Thread Marc
> > > Am 28.06.22 um 20:56 schrieb Marc: > > I also believe there is an advantage in rejecting messages, compared > to just marking them. Rejecting messages will train spam systems not to > try more. > > If they know you allow messages through, they will only send you more > > that's nonsense -

RE: RBL via Spamassasin configuration

2022-06-28 Thread Marc
> In trying to setup RBL's with SA, I wanted to make sure the proper way > to do it. > I have seen some samples like this > header RCVD_IN_BARRACUDACEN eval:check_rbl('bbarracuda-lastexternal', > 'b.barracudacentral.org.') > describe RCVD_IN_BARRACUDACEN Relay is listed in b.barracudacentral.org >

RBL via Spamassasin configuration

2022-06-28 Thread Joey J
Hello All, In trying to setup RBL's with SA, I wanted to make sure the proper way to do it. I have seen some samples like this header RCVD_IN_BARRACUDACEN eval:check_rbl('bbarracuda-lastexternal', 'b.barracudacentral.org.') describe RCVD_IN_BARRACUDACEN Relay is listed in b.barracudacentral.org tf

Re: SA 3.4.5 meta with RBL rules not working.

2021-07-19 Thread Jared Hall
tps://aka.ms/AAb9ysg> From: Dave Funk Sent: Monday, July 19, 2021 10:55:19 AM To: users@spamassassin.apache.org Subject: Re: SA 3.4.5 meta with RBL rules not working. Ugg, I was afraid of that. For decades I've rolled my own install of things like s

Re: SA 3.4.5 meta with RBL rules not working.

2021-07-19 Thread Dave Funk
es quit working. I have a number of meta rules that combine RBL/URIBL rules with other rules and they no longer fire, eventho the various components are fireing. EG, a rule like: meta L_TEST_NS2c ( URIBL_ABUSE_SURBL && HTML_MESSAGE ) describe L_TEST_NS2c abusive HTML message scor

Re: SA 3.4.5 meta with RBL rules not working.

2021-07-19 Thread Benny Pedersen
On 2021-07-19 09:43, Henrik K wrote: How about upgrading to latest 3.4.6? not in gentoo yet :) waiting for 4.0.0 where less problems is in, hopply aswell that some dkim validation is not working while later tests shows dkim is valid, but not when spamassassin is called from fuglu fuglu us

Re: SA 3.4.5 meta with RBL rules not working.

2021-07-19 Thread Henrik K
les quit working. > > I have a number of meta rules that combine RBL/URIBL rules with other rules > and they no longer fire, eventho the various components are fireing. > > EG, a rule like: > > meta L_TEST_NS2c ( URIBL_ABUSE_SURBL && HTML_MESSAGE ) > des

SA 3.4.5 meta with RBL rules not working.

2021-07-18 Thread Dave Funk
I recently updated from SA 3.4.1 to 3.4.5 and noticed that a number of my "meta" rules quit working. I have a number of meta rules that combine RBL/URIBL rules with other rules and they no longer fire, eventho the various components are fireing. EG, a rule like: meta L

Re: Bypass RBL checks for specific address

2020-12-24 Thread John Hardin
On Wed, 23 Dec 2020, Grant Taylor wrote: On 12/23/20 9:55 PM, John Hardin wrote: Did you see my mention of this earlier? Yes, I did see it. That's a bit more invasive of a change than I was hoping to do for this task. I had been waiting to reply to your earlier message to test some things t

Re: Bypass RBL checks for specific address

2020-12-24 Thread John Hardin
On Wed, 23 Dec 2020, Grant Taylor wrote: On 12/23/20 2:15 PM, John Hardin wrote: spamass-milter has a -u flag for a username to pass to SA. If these are single-recipient messages that may be enough to reliably tie into per-user config to disable the RBL check. It seems as if spamass-milter

Re: Bypass RBL checks for specific address

2020-12-23 Thread Grant Taylor
On 12/22/20 4:56 PM, Grant Taylor wrote: Is there a way to bypass RBL checks for a specific address? Thank you all. I believe I have been able to get the result I desired and learn a few things in the process. TL;DR: Setting scores to 0 in the specific recipient's ~/.spamass
