Re: question re/ RDNS_NONE

2015-11-24 Thread Reindl Harald
On 24.11.2015 at 20:16, David Jones wrote: From: Reindl Harald and that is why i call it harmful to completely rely on the Received header instead doing the DNS lookup based on the IP which would have a lot of advantages: * less error prone * even when the MTA had a timeout a chance that th

Re: question re/ RDNS_NONE

2015-11-24 Thread Matthias Apitz
On Tuesday, November 24, 2015 at 05:08:20PM +0100, Reindl Harald wrote: > i dunno why the OP is fetching his mail from his ISP and then feed > spamassassin with the mails local, Why you dunno this? My mail must arrive somewhere, from where I can fetch it with fetchmail+imap when I'm o

Re: question re/ RDNS_NONE

2015-11-24 Thread Edda
On 24.11.15 at 14:40, Matthias Apitz wrote: On Tuesday, November 24, 2015 at 01:47:23PM +0100, Reindl Harald wrote: On 24.11.15 13:24, Reindl Harald wrote: on the other hand why can't SA not do the lookup for the IP of "Received: from [140.211.11.3]" given that it does a lot of dns

Re: question re/ RDNS_NONE

2015-11-24 Thread Reindl Harald
On 24.11.2015 at 20:24, Matthias Apitz wrote: On Tuesday, November 24, 2015 at 05:08:20PM +0100, Reindl Harald wrote: i dunno why the OP is fetching his mail from his ISP and then feed spamassassin with the mails local, Why you dunno this? My mail must arrive somewhere, from whe

Re: question re/ RDNS_NONE

2015-11-24 Thread David Jones
>From: Reindl Harald >Sent: Tuesday, November 24, 2015 1:20 PM >To: users@spamassassin.apache.org >Subject: Re: question re/ RDNS_NONE >On 24.11.2015 at 20:16, David Jones wrote: >>> From: Reindl Harald >>> and that is why i call it harmful to completely rely o

Re: question re/ RDNS_NONE

2015-11-24 Thread Reindl Harald
On 24.11.2015 at 20:27, Edda wrote: On 24.11.15 at 14:40, Matthias Apitz wrote: On Tuesday, November 24, 2015 at 01:47:23PM +0100, Reindl Harald wrote: On 24.11.15 13:24, Reindl Harald wrote: on the other hand why can't SA not do the lookup for the IP of "Received: from [140.211

Re: question re/ RDNS_NONE

2015-11-24 Thread Matthias Apitz
On Tuesday, November 24, 2015 at 08:29:40PM +0100, Reindl Harald wrote: > > Why you dunno this? My mail must arrive somewhere, from where I can > > fetch it with fetchmail+imap when I'm online again with my FreeBSD netbook > > or > > my Ubuntu mobile phone > > normally a sane ISP *sho

Re: question re/ RDNS_NONE

2015-11-24 Thread Bill Cole
On 24 Nov 2015, at 13:47, David Jones wrote: Could this be dependent on the MTA used? I am using Postfix which puts in Received headers like this: Received: from econnect.dmsgs.com (unknown [8.224.216.57]) That IP has a PTR record but it doesn't match the SMTP HELO of econnect.dmsgs.com so Po

Re: question re/ RDNS_NONE

2015-11-24 Thread Reindl Harald
On 24.11.2015 at 20:36, David Jones wrote: From: Reindl Harald Sent: Tuesday, November 24, 2015 1:20 PM To: users@spamassassin.apache.org Subject: Re: question re/ RDNS_NONE On 24.11.2015 at 20:16, David Jones wrote: From: Reindl Harald and that is why i call it harmful to completely

Re: question re/ RDNS_NONE

2015-11-24 Thread Reindl Harald
On 24.11.2015 at 20:40, Matthias Apitz wrote: On Tuesday, November 24, 2015 at 08:29:40PM +0100, Reindl Harald wrote: Why you dunno this? My mail must arrive somewhere, from where I can fetch it with fetchmail+imap when I'm online again with my FreeBSD netbook or my Ubuntu mobile

Re: question re/ RDNS_NONE

2015-11-24 Thread David Jones
>From: Bill Cole >Sent: Tuesday, November 24, 2015 1:41 PM >To: users@spamassassin.apache.org >Subject: Re: question re/ RDNS_NONE >On 24 Nov 2015, at 13:47, David Jones wrote: >> Could this be dependent on the MTA used? I am using Postfix >> which puts in

Re: question re/ RDNS_NONE

2015-11-24 Thread John Hardin
On Tue, 24 Nov 2015, Reindl Harald wrote: i would suggest when the Received header for the *first* untrusted hop Just so we're clear on first vs. last: the host that submitted the mail to the most-remote MTA whose headers you trust. don't contain a reverse dns information *and only then* do

Re: question re/ RDNS_NONE

2015-11-24 Thread Bill Cole
On 24 Nov 2015, at 14:54, David Jones wrote: From: Bill Cole Sent: Tuesday, November 24, 2015 1:41 PM To: users@spamassassin.apache.org Subject: Re: question re/ RDNS_NONE On 24 Nov 2015, at 13:47, David Jones wrote: Could this be dependent on the MTA used? I am using Postfix which puts

Re: question re/ RDNS_NONE

2015-11-24 Thread Edda
On 24.11.15 at 21:03, John Hardin wrote: On Tue, 24 Nov 2015, Reindl Harald wrote: i would suggest when the Received header for the *first* untrusted hop Just so we're clear on first vs. last: the host that submitted the mail to the most-remote MTA whose headers you trust. don't contain a

Re: question re/ RDNS_NONE

2015-11-24 Thread David Jones
>From: Bill Cole >Sent: Tuesday, November 24, 2015 3:31 PM >To: users@spamassassin.apache.org >Subject: Re: question re/ RDNS_NONE >On 24 Nov 2015, at 14:54, David Jones wrote: >>> From: Bill Cole >>> Sent: Tuesday, November 24, 2015 1:41 PM >>> To:

Re: question re/ RDNS_NONE

2015-11-24 Thread Martin Gregorie
On Tue, 2015-11-24 at 17:08 +0100, Reindl Harald wrote: > > why not read the thread from the first beginning? > What makes you think I didn't? Though I rather wish I hadn't. > i dunno why the OP is fetching his mail from his ISP and then feed > spamassassin with the mails local, *but* he does

Re: question re/ RDNS_NONE

2015-11-24 Thread RW
On Tue, 24 Nov 2015 12:03:12 -0800 (PST) John Hardin wrote: > On Tue, 24 Nov 2015, Reindl Harald wrote: > > > i would suggest when the Received header for the *first* untrusted > > hop > > Just so we're clear on first vs. last: the host that submitted the > mail to the most-remote MTA whose he

Re: question re/ RDNS_NONE

2015-11-24 Thread John Hardin
On Tue, 24 Nov 2015, RW wrote: On Tue, 24 Nov 2015 12:03:12 -0800 (PST) John Hardin wrote: On Tue, 24 Nov 2015, Reindl Harald wrote: i would suggest when the Received header for the *first* untrusted hop Just so we're clear on first vs. last: the host that submitted the mail to the most-re

Re: question re/ RDNS_NONE

2015-11-24 Thread RW
On Tue, 24 Nov 2015 20:29:40 +0100 Reindl Harald wrote: > On 24.11.2015 at 20:24, Matthias Apitz wrote: > > On Tuesday, November 24, 2015 at 05:08:20PM +0100, Reindl > > Harald wrote: > >> i dunno why the OP is fetching his mail from his ISP and then feed > >> spamassassin with the mai

Re: question re/ RDNS_NONE

2015-11-24 Thread RW
On Tue, 24 Nov 2015 15:15:17 -0800 (PST) John Hardin wrote: > On Tue, 24 Nov 2015, RW wrote: > > > On Tue, 24 Nov 2015 12:03:12 -0800 (PST) > > John Hardin wrote: > > > >> On Tue, 24 Nov 2015, Reindl Harald wrote: > >> > >>> i would suggest when the Received header for the *first* untrusted >

Re: question re/ RDNS_NONE

2015-11-24 Thread Benny Pedersen
On November 25, 2015 12:15:45 AM John Hardin wrote: It would be the last relay into the internal network, if it's from an untrusted server. The edge of the trusted network may be a submission server. You don't trust the headers your submission server generates? rdns_none possible missing e

Re: question re/ RDNS_NONE

2015-11-24 Thread Matthias Apitz
On Tuesday, November 24, 2015 at 08:27:45PM +0100, Edda wrote: > Anyway, for the moment, here's the patch, diff is on version 3.4.1: > > Rule (I tested it as a simple rule in local.cf, sure one can combine it > with RDNS_NONE): > > ifplugin Mail::SpamAssassin::Plugin::DNSEval > > hea

Re: question re/ RDNS_NONE

2015-11-25 Thread Matthias Apitz
On Tuesday, November 24, 2015 at 08:27:45PM +0100, Edda wrote: I have found the bug in your patch, just a spelling issue: > > pop:Mail eh$ diff -u SpamAssassin/Plugin/DNSEval.pm.ORG > SpamAssassin/Plugin/DNSEval.pm > --- SpamAssassin/Plugin/DNSEval.pm.ORG2015-11-24 19:02:58.0

Re: question re/ RDNS_NONE

2015-11-25 Thread Edda
om', +'check_dsn_rdns', ^^ 'check_dns_sender', ]; @@ -373,6 +374,25 @@ } } +sub check_dns_rdns { ^^^^^^ Ouch, sorry, i tested it on 3.3.1 and "re-typed" that line in 3.4.1 Does the patch work for you? Edda

Re: question re/ RDNS_NONE

2015-11-25 Thread Matthias Apitz
> > >> @@ -373,6 +374,25 @@ > >> } > >>} > >> > >> +sub check_dns_rdns { > > ^^ > > > > > Ouch, sorry, i tested it on 3.3.1 and "re-typed" that line in 3.4.1 Note: for 3.4.0 one must change as

Re: question re/ RDNS_NONE

2015-11-25 Thread Joe Quinn
On 11/25/2015 6:07 AM, Edda wrote: Ouch, sorry, i tested it on 3.3.1 and "re-typed" that line in 3.4.1 Does the patch work for you? Since we're currently developing in both 3.4.2 and 4.0 and now you have bumped into the same problem, I might as well share this: repat

Re: question re/ RDNS_NONE

2015-11-25 Thread RW
On Wed, 25 Nov 2015 12:32:59 +0100 Matthias Apitz wrote: > I think we can close this thread now :-) IIWY I'd still use the Botnet plugin. The absence of reverse DNS gives you three problems: 1. You have no test for the absence of rDNS 2. You have no test for the absence of full-circle DNS

Re: question re/ RDNS_NONE

2015-11-25 Thread Reindl Harald
On 25.11.2015 at 14:41, RW wrote: On Wed, 25 Nov 2015 12:32:59 +0100 Matthias Apitz wrote: I think we can close this thread now :-) IIWY I'd still use the Botnet plugin. The absence of reverse DNS gives you three problems: 1. You have no test for the absence of rDNS why that when SA

Re: question re/ RDNS_NONE

2015-11-25 Thread RW
On Wed, 25 Nov 2015 14:54:46 +0100 Reindl Harald wrote: > On 25.11.2015 at 14:41, RW wrote: > > On Wed, 25 Nov 2015 12:32:59 +0100 > > Matthias Apitz wrote: > > > >> I think we can close this thread now :-) > > > > IIWY I'd still use the Botnet plugin. > > > > The absence of reverse DNS gives

Re: question re/ RDNS_NONE

2015-11-25 Thread Edda
On 25.11.15 at 15:56, RW wrote:. 3. You have no test for dynamic rDNS why that when SA makes the dns request and so have a rDNS? Because, as far as I can see, the patch doesn't make the rDNS available to SA's other tests, it just supplies a stand-alone test for no-rDNS. Correct. I don

Re: question re/ RDNS_NONE

2015-11-25 Thread Bill Cole
On 24 Nov 2015, at 14:27, Edda wrote: Older versions performed rdns lookups for every IP in relay-untrusted directly in Received.pm, this was deleted: https://bz.apache.org/SpamAssassin/show_bug.cgi?id=5054 I think Justin's rationale there isn't even the whole case for NOT doing DNS checks

Re: question re/ RDNS_NONE

2015-11-25 Thread Reindl Harald
On 25.11.2015 at 20:16, Bill Cole wrote: On 24 Nov 2015, at 14:27, Edda wrote: Older versions performed rdns lookups for every IP in relay-untrusted directly in Received.pm, this was deleted: https://bz.apache.org/SpamAssassin/show_bug.cgi?id=5054 I think Justin's rationale there isn't ev

Re: question re/ RDNS_NONE

2015-11-25 Thread John Hardin
On Wed, 25 Nov 2015, Bill Cole wrote: On 24 Nov 2015, at 14:27, Edda wrote: Older versions performed rdns lookups for every IP in relay-untrusted directly in Received.pm, this was deleted: https://bz.apache.org/SpamAssassin/show_bug.cgi?id=5054 It seems to me like the entirety of the pro

Re: question re/ RDNS_NONE

2015-11-25 Thread Bill Cole
On 24 Nov 2015, at 17:20, David Jones wrote: [...] NOTE: I have just now tested that I can give Postfix (with reject_unknown_helo_hostname not enabled) a fully-qualified HELO name that has no A or one with an A resolving to 192.0.2.1 (and therefore: no PTR) and in both cases Postfix neither lo

Re: Re: Drug Spam

2007-02-08 Thread Ben Wylie
As I understand it, these undefined dependencies are errors where a meta rule has been written to depend on another rule, which does not exist. These don't have catastrophic consequences, it just means that rule may not be effective. Ben Spamassassin List wrote: > http://www.peregrinehw.com/

Re: Re: Drug Spam

2007-02-09 Thread Nick Leverton
On Thursday 08 February 2007 15:21, Ben Wylie wrote: > As I understand it, these undefined dependencies are errors where a meta > rule has been written to depend on another rule, which does not exist. > These don't have catastrophic consequences, it just means that rule may > not be effective. Goo

Re: SPOOFED_URL Re: antiphishing

2011-10-14 Thread darxus
Existing rule: rawbody __SPOOFED_URL m/]{0,2048}\bhref=(?:3D)?.?(https?:[^>"'\# ]{8,29}[^>"'\# :\/?&=])[^>]{0,2048}>(?:[^<]{0,1024}<(?!\/a)[^>]{1,1024}>){0,99}\s{0,10}(?!\1)https?[^\w<]{1,3}[^<]{5}/i How about this, to only check for a changed domain part instead? rawbody SPOOFED_URL_DOMAIN

Re: SPOOFED_URL Re: antiphishing

2011-10-14 Thread Christian Grunfeld
and what about when there is no anchor text in the link ? eg. paypal image button 2011/10/14 : > Existing rule: > > rawbody  __SPOOFED_URL  m/]{0,2048}\bhref=(?:3D)?.?(https?:[^>"'\# > ]{8,29}[^>"'\# > :\/?&=])[^>]{0,2048}>(?:[^<]{0,1024}<(?!\/a)[^>]{1,1024}>){0,99}\s{0,10}(?!\1)https?[^\w<]{1

Re: SPOOFED_URL Re: antiphishing

2011-10-14 Thread darxus
None of these rules will hit that. That's what the second "http" is for. "Hit the host name part of the href value of an anchor tag, then do *not* match the same host name in the value part of the anchor, then hit 'href'". I should've called it SPOOFED_URL_HOST, because this one is matching the f

Re: SPOOFED_URL Re: antiphishing

2011-10-14 Thread Christian Grunfeld
you should be able to check against img src content, right? 2011/10/14 Christian Grunfeld : > and what about when there is no anchor text in the link ? eg. paypal > image button > > > 2011/10/14  : >> Existing rule: >> >> rawbody  __SPOOFED_URL  m/]{0,2048}\bhref=(?:3D)?.?(https?:[^>"'\# >> ]{8,

Re: SPOOFED_URL Re: antiphishing

2011-10-14 Thread darxus
Not relevant to the subject. We're talking about where somebody is maliciously making you think you're clicking on "www.youtube.com" when in fact you're clicking on "www.ILikeSpam.com". Somebody linking to one domain with an image hosted on another domain has plenty of possibility to be legit. Y

Re: SPOOFED_URL Re: antiphishing

2011-10-18 Thread Matus UHLAR - fantomas
On 14.10.11 18:07, dar...@chaosreigns.com wrote: Existing rule: rawbody __SPOOFED_URL m/]{0,2048}\bhref=(?:3D)?.?(https?:[^>"'\# ]{8,29}[^>"'\# :\/?&=])[^>]{0,2048}>(?:[^<]{0,1024}<(?!\/a)[^>]{1,1024}>){0,99}\s{0,10}(?!\1)https?[^\w<]{1,3}[^<]{5}/i How about this, to only check for a change

Re: SPOOFED_URL Re: antiphishing

2011-10-18 Thread darxus
On 10/18, Matus UHLAR - fantomas wrote: > Very nice, however due to these and other circumstances mentioned I > think that a plugin would be better, since it could define where to Thanks. It didn't work out, the results were worse than the older rule: http://ruleqa.spamassassin.org/?daterev=2011

Re : Re: uri rules

2014-03-14 Thread Leveau Stanislas
Hi, I have tested this rule but it does not work, it's strange uri __SPAMS_URI_7 /\.webs\.com\// describe __SPAMS_URI_7 url vers formulaire score __SPAMS_URI_7 15.0 On 14/03/14, Axb wrote: > On 03/14/2014 01:54 PM, Stanislas LEVEAU wrote: > >Thanks for your answer, yes it's really si

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-18 Thread Kevin A. McGrail
On 9/16/2017 4:36 PM, Chris wrote: I'm also seeing issues with ISIPP which is in 20_dnsbl_tests.cf. I've attached the message I sent them as well as their reply. Another issue I noticed with ISIPP is Sep 16 12:09:38 localhost named[1284]: host unreachable resolving 'ns1.ns.isipp.com/A/IN': 67.22

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-18 Thread David Jones
On 09/18/2017 09:12 AM, Kevin A. McGrail wrote: On 9/16/2017 4:36 PM, Chris wrote: I'm also seeing issues with ISIPP which is in 20_dnsbl_tests.cf. I've attached the message I sent them as well as their reply. Another issue I noticed with ISIPP is Sep 16 12:09:38 localhost named[1284]: host unr

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-18 Thread Chris
On Mon, 2017-09-18 at 09:28 -0500, David Jones wrote: > On 09/18/2017 09:12 AM, Kevin A. McGrail wrote: > > > > On 9/16/2017 4:36 PM, Chris wrote: > > > > > > I'm also seeing issues with ISIPP which is in 20_dnsbl_tests.cf. > > > I've > > > attached the message I sent them as well as their reply.

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-18 Thread Bill Cole
On 18 Sep 2017, at 10:57, Chris wrote: [...] >> I am receiving many hits on *_IADB_* rules just fine recently for >> emails  >> from constantcontact.com and others. > > I'm receiving rule hits: > > TOP HAM RULES FIRED > RANKRULE NAME   COUNT  %OFMAIL %OFSPAM  %OFHAM > 40   

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-18 Thread Chris
On Mon, 2017-09-18 at 11:11 -0400, Bill Cole wrote: > On 18 Sep 2017, at 10:57, Chris wrote: > > [...] > > > > > > > > I am receiving many hits on *_IADB_* rules just fine recently for > > > emails  > > > from constantcontact.com and others. > > I'm receiving rule hits: > > > > TOP HAM RULES FI

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-18 Thread David Jones
On 09/18/2017 11:14 AM, Chris wrote: On Mon, 2017-09-18 at 11:11 -0400, Bill Cole wrote: On 18 Sep 2017, at 10:57, Chris wrote: [...] I am receiving many hits on *_IADB_* rules just fine recently for emails from constantcontact.com and others. I'm receiving rule hits: TOP HAM RULES FIRED

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-18 Thread Chris
On Mon, 2017-09-18 at 11:40 -0500, David Jones wrote: > On 09/18/2017 11:14 AM, Chris wrote: > > > > On Mon, 2017-09-18 at 11:11 -0400, Bill Cole wrote: > > > > > > On 18 Sep 2017, at 10:57, Chris wrote: > > > > > > [...] > > > > > > > > > > > > > > > > > > > > > > > I am receiving many hits

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-18 Thread Bill Cole
On 18 Sep 2017, at 12:14, Chris wrote: [...] > On Mon, 2017-09-18 at 11:11 -0400, Bill Cole wrote: >> Why are you asking 168.150.251.35 to do DNS resolution for you? It is >> not authoritative for isipp.com, so presumably you have a specific >> local config causing you to use it. It is explicitly r

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-18 Thread David Jones
On 09/18/2017 11:52 AM, Chris wrote: On Mon, 2017-09-18 at 11:40 -0500, David Jones wrote: On 09/18/2017 11:14 AM, Chris wrote: On Mon, 2017-09-18 at 11:11 -0400, Bill Cole wrote: On 18 Sep 2017, at 10:57, Chris wrote: [...] I am receiving many hits on *_IADB_* rules just fine recentl

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-18 Thread John Hardin
On Mon, 18 Sep 2017, Bill Cole wrote: On 18 Sep 2017, at 12:14, Chris wrote: [...] On Mon, 2017-09-18 at 11:11 -0400, Bill Cole wrote: Why are you asking 168.150.251.35 to do DNS resolution for you? It is not authoritative for isipp.com, so presumably you have a specific local config causing y

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-18 Thread Chris
On Mon, 2017-09-18 at 12:32 -0500, David Jones wrote: > On 09/18/2017 11:52 AM, Chris wrote: > > > > On Mon, 2017-09-18 at 11:40 -0500, David Jones wrote: > > > > > > On 09/18/2017 11:14 AM, Chris wrote: > > > > > > > > > > > > On Mon, 2017-09-18 at 11:11 -0400, Bill Cole wrote: > > > > > > >

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-19 Thread David Jones
On 09/18/2017 06:03 PM, Chris wrote: On Mon, 2017-09-18 at 12:32 -0500, David Jones wrote: On 09/18/2017 11:52 AM, Chris wrote: On Mon, 2017-09-18 at 11:40 -0500, David Jones wrote: On 09/18/2017 11:14 AM, Chris wrote: On Mon, 2017-09-18 at 11:11 -0400, Bill Cole wrote: On 18 Sep 2017,

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-19 Thread Chris
On Tue, 2017-09-19 at 07:45 -0500, David Jones wrote: > On 09/18/2017 06:03 PM, Chris wrote: [snip] > > > > localhost dnsmasq[2323]: started, version 2.75 cachesize 150 > > localhost dnsmasq[2323]: compile time options: IPv6 GNU-getopt DBus > > i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-19 Thread Chris
On Tue, 2017-09-19 at 08:16 -0500, Chris wrote: > On Tue, 2017-09-19 at 07:45 -0500, David Jones wrote: > > > > On 09/18/2017 06:03 PM, Chris wrote: > [snip] > > > > > > > > > > > localhost dnsmasq[2323]: started, version 2.75 cachesize 150 > > > localhost dnsmasq[2323]: compile time options: I

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-19 Thread David Jones
On 09/19/2017 08:16 AM, Chris wrote: On Tue, 2017-09-19 at 07:45 -0500, David Jones wrote: On 09/18/2017 06:03 PM, Chris wrote: [snip] localhost dnsmasq[2323]: started, version 2.75 cachesize 150 localhost dnsmasq[2323]: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua T

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-19 Thread David Jones
On 09/19/2017 08:25 AM, Chris wrote: On Tue, 2017-09-19 at 08:16 -0500, Chris wrote: On Tue, 2017-09-19 at 07:45 -0500, David Jones wrote: On 09/18/2017 06:03 PM, Chris wrote: [snip] localhost dnsmasq[2323]: started, version 2.75 cachesize 150 localhost dnsmasq[2323]: compile time option

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-19 Thread Chris
On Tue, 2017-09-19 at 08:41 -0500, David Jones wrote: > On 09/19/2017 08:25 AM, Chris wrote: > > > > On Tue, 2017-09-19 at 08:16 -0500, Chris wrote: > > > > > > On Tue, 2017-09-19 at 07:45 -0500, David Jones wrote: > > > > > > > > > > > > On 09/18/2017 06:03 PM, Chris wrote: > > > [snip] > > >

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-19 Thread Martin Gregorie
On Tue, 2017-09-19 at 15:40 -0500, Chris wrote: > > > > > > I've disabled dnsmasq in my > > > > > > /etc/NetworkManager/NetworkManager.conf > via > #dns=dnsmasq > > However, when restarting the network I see: > dnsmasq[2323]: reading /etc/resolv.conf > dnsmasq[2323]: using nameserver 127.0.0.1#53

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-19 Thread Chris
On Tue, 2017-09-19 at 22:07 +0100, Martin Gregorie wrote: > On Tue, 2017-09-19 at 15:40 -0500, Chris wrote: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I've disabled dnsmasq in my > > > > > > > /etc/NetworkManager/NetworkManager.conf > > via > > #dns=dnsmasq > > > >

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-19 Thread John Hardin
On Tue, 19 Sep 2017, Chris wrote: I'm getting different outputs each time I run dig +trace 65.43.116.208.iadb.isipp.com 65.43.116.208.iadb.isipp.com. 3600 IN A 127.0.1.255 65.43.116.208.iadb.isipp.com. 3600 IN A 127.0.0.2 65.43.116.208.iadb.isipp.com. 3600 IN A 127.2.255

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-19 Thread Chris
On Tue, 2017-09-19 at 14:47 -0700, John Hardin wrote: > On Tue, 19 Sep 2017, Chris wrote: > > > I'm getting different outputs each time I run dig +trace > > 65.43.116.208.iadb.isipp.com > > > > 65.43.116.208.iadb.isipp.com. 3600 IN A   127.0.1.255 > > 65.43.116.208.iadb.isipp.com. 3600 IN A   

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-19 Thread Chris
On Tue, 2017-09-19 at 15:40 -0500, Chris wrote: > On Tue, 2017-09-19 at 08:41 -0500, David Jones wrote: > > > > On 09/19/2017 08:25 AM, Chris wrote: > > > > > > > > > On Tue, 2017-09-19 at 08:16 -0500, Chris wrote: > > > > > > > > > > > > On Tue, 2017-09-19 at 07:45 -0500, David Jones wrote: >

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-19 Thread Martin Gregorie
On Tue, 2017-09-19 at 16:44 -0500, Chris wrote: > > Thanks Martin, here's what I get, it appears to not be running. > > sudo systemctl stop dnsmasq > [sudo] password for chris:  > Failed to stop dnsmasq.service: Unit dnsmasq.service not loaded. > OK, that makes sense > sudo systemctl disable d

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-19 Thread Chris
On Wed, 2017-09-20 at 00:40 +0100, Martin Gregorie wrote: > On Tue, 2017-09-19 at 16:44 -0500, Chris wrote: > > > > > > Thanks Martin, here's what I get, it appears to not be running. > > > > sudo systemctl stop dnsmasq > > [sudo] password for chris:  > > Failed to stop dnsmasq.service: Unit dns

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-19 Thread David B Funk
On Tue, 19 Sep 2017, Chris wrote: On Wed, 2017-09-20 at 00:40 +0100, Martin Gregorie wrote: On Tue, 2017-09-19 at 16:44 -0500, Chris wrote: Thanks Martin, here's what I get, it appears to not be running. sudo systemctl stop dnsmasq [sudo] password for chris:  Failed to stop dnsmasq.service:

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-19 Thread Chris
On Tue, 2017-09-19 at 19:32 -0500, Chris wrote: > On Wed, 2017-09-20 at 00:40 +0100, Martin Gregorie wrote: > > > > On Tue, 2017-09-19 at 16:44 -0500, Chris wrote: > > > > > > > > > > > > Thanks Martin, here's what I get, it appears to not be running. > > > > > > sudo systemctl stop dnsmasq >

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-19 Thread Bill Cole
On 19 Sep 2017, at 16:40, Chris wrote: > Here's the output now of the dig +trace > tcp0  0 > 127.0.0.1:530.0.0.0:*   LISTEN  -   >   > tcp0  0 > 127.0.1.1:530.0.0.0:*   LISTEN  -   >   > udp

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-19 Thread Chris
On Wed, 2017-09-20 at 04:31 +0200, Reindl Harald wrote: > > On 20.09.2017 at 02:32, Chris wrote: > > > > I then installed dnsmasq (apparently it wasn't installed) > frankly clean up your mess - you recently posted dnsmasq as well as  > named listening on different interfaces for DNS, now you say

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-19 Thread Bill Cole
On 19 Sep 2017, at 22:36, Chris wrote: > On Wed, 2017-09-20 at 04:31 +0200, Reindl Harald wrote: >> >> On 20.09.2017 at 02:32, Chris wrote: >>> >>> I then installed dnsmasq (apparently it wasn't installed) >> frankly clean up your mess - you recently posted dnsmasq as well as  >> named listening

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-19 Thread Ian Zimmerman
On 2017-09-19 19:53, David B Funk wrote: > So now you have -two- dnsmasq kits, one installed by "apt" and managed > thru the "systemctl" tools, and another one that somebody put there > which is outside the realm of "apt" & "systemctl" (thus they don't > know how to manage it). > > You should re

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-20 Thread Martin Gregorie
On Tue, 2017-09-19 at 19:32 -0500, Chris wrote: > Hi Martin, here's what I see: > > sudo systemctl status dnsmasq > [sudo] password for chris:  > ● dnsmasq.service >    Loaded: not-found (Reason: No such file or directory) >    Active: inactive (dead) > chris@localhost:~$ sudo systemctl enable dns

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-20 Thread Chris
On Wed, 2017-09-20 at 11:15 +0100, Martin Gregorie wrote: > On Tue, 2017-09-19 at 19:32 -0500, Chris wrote: > > > > Hi Martin, here's what I see: > > > > sudo systemctl status dnsmasq > > [sudo] password for chris:  > > ● dnsmasq.service > >    Loaded: not-found (Reason: No such file or directory

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-20 Thread Chris
On Tue, 2017-09-19 at 23:04 -0400, Bill Cole wrote: > On 19 Sep 2017, at 22:36, Chris wrote: > > > > > On Wed, 2017-09-20 at 04:31 +0200, Reindl Harald wrote: > > > > > > > > > On 20.09.2017 at 02:32, Chris wrote: > > > > > > > > > > > > I then installed dnsmasq (apparently it wasn't install

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-20 Thread Chris
On Tue, 2017-09-19 at 21:32 -0700, Ian Zimmerman wrote: > On 2017-09-19 19:53, David B Funk wrote: > > > > > So now you have -two- dnsmasq kits, one installed by "apt" and > > managed > > thru the "systemctl" tools, and another one that somebody put there > > which is outside the realm of "apt" &

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-20 Thread Ian Zimmerman
On 2017-09-20 11:15, Martin Gregorie wrote: > I don't know why you'd want to do that since you should be running > named instead of dnsmasq. > > Delete the version you just installed via the apt package manager and > do a search and destroy mission to get rid of both the other copy of > it and th

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-20 Thread Bill Cole
On 20 Sep 2017, at 9:48, Chris wrote: > From the locate command I found these - https://pastebin.com/ECjZGX1M  AHA! Apparently Ubuntu (and Debian?) has a package called "dnsmasq-base" which is installed as a dependency of libvirt, which manages it independently and autocratically... 2 maybe u

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-20 Thread Martin Gregorie
On Wed, 2017-09-20 at 08:48 -0500, Chris wrote: > On Wed, 2017-09-20 at 11:15 +0100, Martin Gregorie wrote: > > On Tue, 2017-09-19 at 19:32 -0500, Chris wrote: > > > > > > Hi Martin, here's what I see: > > > > > > sudo systemctl status dnsmasq > > > [sudo] password for chris:  > > > ● dnsmasq.ser

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-20 Thread Martin Gregorie
On Wed, 2017-09-20 at 08:01 -0700, Ian Zimmerman wrote: > Finally (and getting really OT), it helps to keep relevant /etc files > under version control, so you know when the system helpfully shifts > the ground under you. > Really good advice. I keep a copy of all the configuration files I've man

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-20 Thread Chris
On Wed, 2017-09-20 at 08:01 -0700, Ian Zimmerman wrote: > On 2017-09-20 11:15, Martin Gregorie wrote: > > > > > I don't know why you'd want to do that since you should be running > > named instead of dnsmasq. > > > > Delete the version you just installed via the apt package manager > > and > > d

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-20 Thread Ian Zimmerman
On 2017-09-20 17:02, Chris wrote: > So, IIUC it would be a good idea to remove the resolv.conf symlink in > /run/resolvconf ? Definitely _not_ a good idea while the resolvconf package is installed. What I meant was remove the package first, then clean up. -- Please don't Cc: me privately on ma

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-20 Thread Chris
On Wed, 2017-09-20 at 19:05 +0100, Martin Gregorie wrote: > On Wed, 2017-09-20 at 08:48 -0500, Chris wrote: > > > > On Wed, 2017-09-20 at 11:15 +0100, Martin Gregorie wrote: > > > > > > On Tue, 2017-09-19 at 19:32 -0500, Chris wrote: > > > > > > > > > > > > Hi Martin, here's what I see: > > > >

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-20 Thread Chris
On Wed, 2017-09-20 at 15:22 -0700, Ian Zimmerman wrote: > On 2017-09-20 17:02, Chris wrote: > > > > > So, IIUC it would be a good idea to remove the resolv.conf symlink > > in > > /run/resolvconf ? > Definitely _not_ a good idea while the resolvconf package is > installed. > > What I meant was r

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-21 Thread Martin Gregorie
On Wed, 2017-09-20 at 19:39 -0500, Chris wrote: > It was installed by default when upgrading from 14.04LTS to 16.04LTS > Then it may be best to just leave it there. > I have stopped Network Manager. I've not disabled or removed it yet > as I'm watching to see how named does the queries now. > I

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-21 Thread Chris
On Thu, 2017-09-21 at 11:58 +0100, Martin Gregorie wrote: > On Wed, 2017-09-20 at 19:39 -0500, Chris wrote: > > > > It was installed by default when upgrading from 14.04LTS to > > 16.04LTS > > > Then it may be best to just leave it there. > > > > > I have stopped Network Manager. I've not disab

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-21 Thread Anne P. Mitchell Esq.
On 9/16/2017 4:36 PM, Chris wrote: > I'm also seeing issues with ISIPP which is in 20_dnsbl_tests.cf. I've > attached the message I sent them as well as their reply. Another issue I > noticed with ISIPP is Sep 16 12:09:38 localhost named[1284]: host unreachable > resolving 'ns1.ns.isipp.co

Re: [SPAM] Re: REPLYTO_WITHOUT_TO_CC

2020-02-05 Thread Philipp Ewald
just saw this error: Feb 5 14:19:46.438 [6998] warn: rules: failed to compile Mail::SpamAssassin::Plugin::Check::_head_tests_0_4, skipping: Feb 5 14:19:46.438 [6998] warn: (Global symbol "$Blat" requires explicit package name (did you forget to declare "my $Blat"?) at /etc/spamassassin/70_zmi

Re: [SPAM] Re: REPLYTO_WITHOUT_TO_CC

2020-02-05 Thread Damian
That is strange. Do you have a copy of that file? Is it identical to [1]? What exact SA codebase is this; linux-distribution package, CPAN, other? > Feb  5 14:19:46.438 [6998] warn:  (Global symbol "$Blat" requires > explicit package name (did you forget to declare "my $Blat"?) at > /etc/spamassas

Re: [SPAM] Re: REPLYTO_WITHOUT_TO_CC

2020-02-05 Thread Philipp Ewald
That is strange. Do you have a copy of that file? Is it identical to [1] no really... i have removed all lines starting with "#" sed -i '/^#.*/d' /etc/spamassassin/70_zmi_german.cf File comes from: http://sa.zmi.at/sa-update-german/402.tar.gz linux-distribution package, CPAN, other? Debian 9.1

Re: [SPAM] Re: REPLYTO_WITHOUT_TO_CC

2020-02-05 Thread Henrik K
The error can only happen if there was unquoted $ in regex. header __ZMIfish_ForgedBill01 Message-ID =~ /$Blat.v3/ Newer 3.4.4 don't care about such things, you should upgrade asap since there are vulnerabilities. On Wed, Feb 05, 2020 at 04:08:43PM +0100, Philipp Ewald wrote: > >That is str

Re: [SPAM] Re: REPLYTO_WITHOUT_TO_CC

2020-02-05 Thread Damian
So this must have been an old version of the file, the current regex is quoted. Also Stretch has backported 3.4.4 fixes, but maybe Philipp did not include debian-security sources? > The error can only happen if there was unquoted $ in regex. > > header __ZMIfish_ForgedBill01 Message-ID =~ /$Blat.

Re: [SPAM] Re: REPLYTO_WITHOUT_TO_CC

2020-02-05 Thread Matus UHLAR - fantomas
On 05.02.20 17:18, Henrik K wrote: The error can only happen if there was unquoted $ in regex. header __ZMIfish_ForgedBill01 Message-ID =~ /$Blat.v3/ Newer 3.4.4 don't care about such things, you should upgrade asap since there are vulnerabilities. the OP reported using debian, which has th

Re: [SPAM] Re: REPLYTO_WITHOUT_TO_CC

2020-02-05 Thread Henrik K
On Wed, Feb 05, 2020 at 04:55:33PM +0100, Matus UHLAR - fantomas wrote: > On 05.02.20 17:18, Henrik K wrote: > >The error can only happen if there was unquoted $ in regex. > > > >header __ZMIfish_ForgedBill01 Message-ID =~ /$Blat.v3/ > > > >Newer 3.4.4 don't care about such things, you should upg

Re: [SPAM] Re: REPLYTO_WITHOUT_TO_CC

2020-02-05 Thread Matus UHLAR - fantomas
On 05.02.20 17:18, Henrik K wrote: >The error can only happen if there was unquoted $ in regex. > >header __ZMIfish_ForgedBill01 Message-ID =~ /$Blat.v3/ > >Newer 3.4.4 don't care about such things, you should upgrade asap since >there are vulnerabilities. On Wed, Feb 05, 2020 at 04:55:33PM +

Re: [SPAM] Re: REPLYTO_WITHOUT_TO_CC

2020-02-05 Thread Philipp Ewald
Thanks for help! Notice: same mail on Debian 10 Server Rule don't hit spamassassin -V SpamAssassin version 3.4.2 running on Perl version 5.28.1 on this server i have installed updates Debian 9.11 Server which rule was hit: # damn this sounds so wrong spamassassin -V SpamAssassin version

Re: [SPAM] Re: REPLYTO_WITHOUT_TO_CC

2020-02-05 Thread Matus UHLAR - fantomas
Notice: same mail on Debian 10 Server Rule don't hit spamassassin -V SpamAssassin version 3.4.2 running on Perl version 5.28.1 On 05.02.20 17:38, Philipp Ewald wrote: on this server i have installed updates apparently not enough... Debian 9.11 Server which rule was hit: # damn this soun

Re: [sa-list] Re: [sa-list] Re: RCVD_IN_DNSWL_LOW

2007-10-17 Thread Dan Mahoney, System Admin
On Wed, 17 Oct 2007, Henrik Krohns wrote: On Wed, Oct 17, 2007 at 02:48:49AM -0400, Dan Mahoney, System Admin wrote: On Wed, 17 Oct 2007, Henrik Krohns wrote: On Tue, Oct 16, 2007 at 06:16:49PM -0400, Dan Mahoney, System Admin wrote: dnswl.org is either full of it, or not well maintained. I
