Matus UHLAR - fantomas skrev den 2023-03-02 11:50:
Authres plugin should only parse Authentication-Results: headers, not
signatures themselves.
other plugins should be able to use data provided by this plugin.
On 02.03.23 12:55, Benny Pedersen wrote:
+1 funny you provided an eval that worked
giova...@paclan.it skrev den 2023-03-02 12:53:
how ?, this code works without authres enabled as i see it
if DKIM fails but ARC passes DMARC policy could be overriden, this
part doesn't work.
ah okay got it
eval should not be done in dkim but moved to authres so, and results
metadata used
Matus UHLAR - fantomas skrev den 2023-03-02 11:50:
Authres plugin should only parse Authentication-Results: headers, not
signatures themselves.
other plugins should be able to use data provided by this plugin.
+1 funny you provided an eval that worked ? :)
have you seen ARC_VALID or ARC_SIGN
On 3/2/23 12:49, Benny Pedersen wrote:
giova...@paclan.it skrev den 2023-03-02 10:04:
On 3/1/23 14:30, Benny Pedersen wrote:
Henrik K skrev den 2023-03-01 10:28:
On Wed, Mar 01, 2023 at 09:56:56AM +0100, Matus UHLAR - fantomas wrote:
I have SA 4.0 installed and Mail::SpamAssassin::Plugin::Aut
On 3/2/23 11:50, Matus UHLAR - fantomas wrote:
On Wed, Mar 01, 2023 at 09:56:56AM +0100, Matus UHLAR - fantomas wrote:
I have SA 4.0 installed and Mail::SpamAssassin::Plugin::AuthRes available.
However, I don't see AuthRes plugin mention in .pre files nor in SA rules.
Henrik K skrev den 2023-
giova...@paclan.it skrev den 2023-03-02 10:04:
On 3/1/23 14:30, Benny Pedersen wrote:
Henrik K skrev den 2023-03-01 10:28:
On Wed, Mar 01, 2023 at 09:56:56AM +0100, Matus UHLAR - fantomas
wrote:
I have SA 4.0 installed and Mail::SpamAssassin::Plugin::AuthRes
available.
However, I don't see Aut
On Wed, Mar 01, 2023 at 09:56:56AM +0100, Matus UHLAR - fantomas wrote:
I have SA 4.0 installed and Mail::SpamAssassin::Plugin::AuthRes available.
However, I don't see AuthRes plugin mention in .pre files nor in SA rules.
Henrik K skrev den 2023-03-01 10:28:
Because it's experimental and unfi
On 3/1/23 14:30, Benny Pedersen wrote:
Henrik K skrev den 2023-03-01 10:28:
On Wed, Mar 01, 2023 at 09:56:56AM +0100, Matus UHLAR - fantomas wrote:
I have SA 4.0 installed and Mail::SpamAssassin::Plugin::AuthRes available.
However, I don't see AuthRes plugin mention in .pre files nor in SA rule
On Wed, Mar 01, 2023 at 04:46:27PM +0100, Matus UHLAR - fantomas wrote:
>
> 1. "header.a=rsa-sha256" and "header.s=hege2" options in
> Authentication-Results: for dkim where "a" contains algorithm and "s" the
> used selector.
>
> 2. unknown "arc" Authentication-Results: header
>
> removing menti
Matus UHLAR - fantomas skrev den 2023-03-01 15:40:
so, if your mail doesn't get delivered within 1.5 seconds and the DKIM
signature expires on the fly, the mail gets dropped from mail server?
On 01.03.23 16:33, Benny Pedersen wrote:
no, aligned spf pass from facebook, and even on unaligned i do
On 01.03.23 11:55, Henrik K wrote:
Bah, I think it was tested as atleast working without errors. I'll have a
look..
On 01.03.23 11:04, Matus UHLAR - fantomas wrote:
yes, it's working at least partly:
Authentication-Results: fantomas.fantomas.sk; dmarc=none (p=none dis=none)
header.from=hege
Matus UHLAR - fantomas skrev den 2023-03-01 15:40:
so, if your mail doesn't get delivered within 1.5 seconds and the DKIM
signature expires on the fly, the mail gets dropped from mail server?
no, aligned spf pass from facebook, and even on unaligned i do not
reject dkim fails, this is a job f
Matus UHLAR - fantomas skrev den 2023-03-01 09:56:
I hope these senders expire their e-mail 1.5 hours after sending...
On 01.03.23 13:35, Benny Pedersen wrote:
facebook can do it in 1.5 sekunds :)
so, if your mail doesn't get delivered within 1.5 seconds and the DKIM
signature expires on th
Matus UHLAR - fantomas skrev den 2023-03-01 10:50:
.
Mar 1 10:47:17.689 [19813] warn: Use of uninitialized value $result
in string eq at /usr/share/perl5/Mail/SpamAssassin/Plugin/AuthRes.pm
line 302.
spamassassin --version ?
aurhres was in 3.4.6 aswell is why i ask
authres in 4.0.0 does imho
Henrik K skrev den 2023-03-01 10:28:
On Wed, Mar 01, 2023 at 09:56:56AM +0100, Matus UHLAR - fantomas wrote:
I have SA 4.0 installed and Mail::SpamAssassin::Plugin::AuthRes
available.
However, I don't see AuthRes plugin mention in .pre files nor in SA
rules.
Because it's experimental and unfin
Matus UHLAR - fantomas skrev den 2023-03-01 09:56:
I hope these senders expire their e-mail 1.5 hours after sending...
facebook can do it in 1.5 sekunds :)
This should be avoidable by using opendkim at SMTP time, and using
Mail::SpamAssassin::Plugin::AuthRes plugin in the way that DKIM rules
On 01.03.23 11:55, Henrik K wrote:
Bah, I think it was tested as atleast working without errors. I'll have a
look..
yes, it's working at least partly:
Authentication-Results: fantomas.fantomas.sk; dmarc=none (p=none dis=none)
header.from=hege.li
Authentication-Results: fantomas.fantomas.sk;
On Wed, Mar 01, 2023 at 10:50:02AM +0100, Matus UHLAR - fantomas wrote:
> > On Wed, Mar 01, 2023 at 09:56:56AM +0100, Matus UHLAR - fantomas wrote:
> > > I have SA 4.0 installed and Mail::SpamAssassin::Plugin::AuthRes available.
> > >
> > > However, I don't see AuthRes plugin mention in .pre files
On Wed, Mar 01, 2023 at 09:56:56AM +0100, Matus UHLAR - fantomas wrote:
I have SA 4.0 installed and Mail::SpamAssassin::Plugin::AuthRes available.
However, I don't see AuthRes plugin mention in .pre files nor in SA rules.
On 01.03.23 11:28, Henrik K wrote:
Because it's experimental and unfini
On Wed, Mar 01, 2023 at 09:56:56AM +0100, Matus UHLAR - fantomas wrote:
>
> I have SA 4.0 installed and Mail::SpamAssassin::Plugin::AuthRes available.
>
> However, I don't see AuthRes plugin mention in .pre files nor in SA rules.
Because it's experimental and unfinished.
> I will try to load it
Rob McEwen wrote:
All I know for sure is this - for MANY legit emails - DKIM fails
some days later
On 28.02.23 12:52, Kris Deugau wrote:
Hours.
I've recently learned about this, in the context of trying to
welcomelist legitimate senders. A 2-hour validity window for the DKIM
signature is p
Rob McEwen wrote:
Benny,
All I know for sure is this - for MANY legit emails - DKIM fails some
days later
Hours.
I've recently learned about this, in the context of trying to
welcomelist legitimate senders. A 2-hour validity window for the DKIM
signature is pretty common. :(
- when it
Thank you to everybody that replied to my request. I knew I was not clear
in my message... :-)) sorry about it.
I have 2 paid RBL (so I don't care about number of queries) at the frontier
MTA. These RBLs reject a ton of connections and so the number of messages
reaching SA is already reduced.
Unf
Rob McEwen skrev den 2023-02-26 19:45:
Benny,
All I know for sure is this - for MANY legit emails - DKIM fails some
days later - when it had originally worked/validated at the time the
message was sent.
when i begined dkim signing i did that tought why would it be valid
after delivery, could
/updated. But whatever the cause, this is STILL a
reality that's worth noting, for anyone who is rescanning messages
later.
Rob McEwen, invaluement
-- Original Message --
From "Benny Pedersen"
To users@spamassassin.apache.org
Date 2/26/2023 1:37:53 PM
Subject Re: rep
Rob McEwen skrev den 2023-02-26 19:03:
...
sent. This can lead to many egregious false positives. But doing this
"one hour later" shouldn't have this problem.
message-id is timebased, so why invalidate it ? :)
i did that mistake on not dkim sign that header
in that regard i now have 2048 kbi
Something to keep in mind about this idea of rescanning messages later -
once more anti-spam data is available - for use in training/reporting
spams - this probably should NOT be done days later because SOME senders
aggressively expire/recycle DKIM dns records. I guess that is to
minimize the a
On 2023-02-25 at 09:34:52 UTC-0500 (Sat, 25 Feb 2023 15:34:52 +0100)
hg user
is rumored to have said:
The last time I was hit by a not-recognized phishing campaign, no Ips
nor
domains were present in RBL. When I took action one hour later I found
that
several of them were listed.
So my idea
On Sat, 25 Feb 2023, hg user wrote:
The last time I was hit by a not-recognized phishing campaign, no Ips nor
domains were present in RBL. When I took action one hour later I found that
several of them were listed.
So my idea is; is it possible to replay the queries one/two hours later?
Anoth
On 25.02.23 15:34, hg user wrote:
The last time I was hit by a not-recognized phishing campaign, no Ips nor
domains were present in RBL. When I took action one hour later I found that
several of them were listed.
So my idea is; is it possible to replay the queries one/two hours later?
you can
The last time I was hit by a not-recognized phishing campaign, no Ips nor
domains were present in RBL. When I took action one hour later I found that
several of them were listed.
So my idea is; is it possible to replay the queries one/two hours later?
I envision two methods:
- logging the queries
31 matches
Mail list logo
