Re: [Assp-user] Fake 250 with LDAP

2007-01-10 Thread Fritz Borgstedt
want to do this because daily I get hundreds (or more) non-deliverable emails delivered from servers all across the internet to email addresses here that don't exist. As everybody does. That was the reason to have the flat_list and/or ldap. I do not get it, why you cannot use it as we all

Re: [Assp-user] Virus test

2007-01-10 Thread Kevin
Matti Haack wrote: Hello Fritz, is virus test done for every incoming message? Or is it skipped for whitelisted senders. Fritz mentioned it earlier in another thread, Whitelisted and NoProcessing users are not scanned currently. He is working on adding options to enable/disable

Re: [Assp-user] Date of Arrival 1.2.7

2007-01-10 Thread Marrco
cache problem. Still getting (11)

Re: [Assp-user] Date of Arrival 1.2.7

2007-01-10 Thread Fritz Borgstedt
pls don't. If it's the biggest update since 1.2.0 don't put it in the open at the end of this week. No problem for me.

[Assp-user] help a journalist: what do you wish the CIO understood about fighting spam?

2007-01-10 Thread Esther Schindler
Hi, folks. I'm senior online editor at CIO.com, and I'm working on an article for which I'd very much like your help. There's often a lack of communication between techies and top company management. Maybe they don't want to hear about problems; perhaps you give them technical details that

Re: [Assp-user] Weight per test scoring

2007-01-10 Thread Eric B.
brougham Baker [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] From: Fritz Borgstedt [EMAIL PROTECTED] May be Doug will say something, he is the one I believe who uses it (besides me). That what? Uses the PB to block persistent idiot ip addresses? I do too. What feature do you

Re: [Assp-user] Weight per test scoring

2007-01-10 Thread Eric B.
Fritz Borgstedt [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Agreed, however, like I said, that kind of kills the concept of using the PenaltyBox in that case for the actual purpose for which it was intended. How can you say that? My purpose was absolutely to have both functions

Re: [Assp-user] POP and Port 110

2007-01-10 Thread Eric B.
Micheal Espinola Jr [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Charles Marcus wrote: I've never used it either, and would not do so, since it is supposedly a security risk (not sure on the whys and hows). Most likely because it could be tricked by IP spoofing known clients.

Re: [Assp-user] help a journalist: what do you wish the CIO understood about fighting spam?

2007-01-10 Thread Micheal Espinola Jr
Hi Esther, If you would like just a quick blurb, then my response to your question, “If you could get your CIO (or top management) to understand one thing, just ONE thing, about fighting spam, what would it be?“, is simple: I would like top management to understand the mechanics of how email

Re: [Assp-user] Duplicates in notspam directory?

2007-01-10 Thread paul+as
On 4 Jan 2007 at 10:42, Eric B. wrote: From looking at the Received headers, this seems to be exactly what is happening. The first copy has only the ASSP header, the second copy has the original ASSP header followed by the MTA header, followed by the ASSP header again: My mail paths only

Re: [Assp-user] Duplicates in notspam directory?

2007-01-10 Thread Micheal Espinola Jr
It makes sense. Some of your clients are sending mail through ASSP twice: Once from MUA to MTA, and the second is when it's outbound to the Internet: MTA to ASSP to MTA/relay. Either have your MUAs use ASSP directly and your MTA delivers directly to the Internet, or your MUAs deliver directly to

Re: [Assp-user] help a journalist: what do you wish the CIO understood about fighting spam?

2007-01-10 Thread Esther Schindler
Hi, Michael! It's funny -- most of the people who have been answering me feel that the CIO _shouldn't_ have to know the mechanics of how spam works. Several people believe that the CIO's role isn't to mess with the technical details. Instead, the CIO should know about the effects of spam,

Re: [Assp-user] help a journalist: what do you wish the CIO understood about fighting spam?

2007-01-10 Thread Michael Silver
[EMAIL PROTECTED] wrote: Hi, Michael! It's funny -- most of the people who have been answering me feel that the CIO _shouldn't_ have to know the mechanics of how spam works. Several people believe that the CIO's role isn't to mess with the technical details. Instead, the CIO should know

Re: [Assp-user] help a journalist: what do you wish the CIO understood about fighting spam?

2007-01-10 Thread Esther Schindler
Ah! That helps -- certainly it clarifies the point. warm smile Can you give me a real world example of where that knowledge helped the admin do her job, or where the lack of that understanding made the problem worse? (We all do love to look over each other's shoulders, after all.) On Jan

Re: [Assp-user] help a journalist: what do you wish the CIO understood about fighting spam?

2007-01-10 Thread Micheal Espinola Jr
I would agree that a CIO shouldn't have to know the mechanics of how spam works - being that I would like to think that I do my job well enough so that my management does not need to know such things. This is one of numerous things that I would stipulate that users should never really need to

Re: [Assp-user] Invalid HELO format

2007-01-10 Thread paul+as
On 10 Jan 2007 at 13:23, Ernesto Nieto wrote: When I go look in the maillog file, this is the corresponding log entry: Sender: Invalid HELO Format 'mailgw5.53.com' RE_E_mail_problems_ Now, I'm not up to snuff on the format, but isn't that legit? Is there somewhere else I need to look?

Re: [Assp-user] POP and Port 110

2007-01-10 Thread paul+as
On 10 Jan 2007 at 11:12, Eric B. wrote: Also because your MTA will allow any client from the same IP to connect for a period of time after the IP has checked a POP account. So, if your PC is behind a NAT and checking a public POP machine, any PC behind your NAT box will have access to

Re: [Assp-user] help a journalist: what do you wish the CIO understood about fighting spam?

2007-01-10 Thread Micheal Espinola Jr
I think many people can give examples of when a lack of understanding made a problem worse. This happens many times a year for me as managers make decisions to move forward with technologies that aren't adequate or appropriate for the goals they wish to accomplish. This happens when IT is

Re: [Assp-user] Process order]

2007-01-10 Thread Andreas Krüger
I was trying that, but I don't understand the extreme blocking for the penalty box. Furthers, what is a forged helo? And lastly, what is the RBL cache for? Andreas on 10-01-2007 02:01 Micheal Espinola Jr (mobile) wrote: You could match them to the options listed in the web interface menu.

Re: [Assp-user] Invalid HELO format

2007-01-10 Thread Kevin
[EMAIL PROTECTED] wrote: On 10 Jan 2007 at 13:23, Ernesto Nieto wrote: When I go look in the maillog file, this is the corresponding log entry: Sender: Invalid HELO Format 'mailgw5.53.com' RE_E_mail_problems_ Now, I'm not up to snuff on the format, but isn't that legit? Is there

Re: [Assp-user] Invalid HELO format

2007-01-10 Thread Andreas Krüger

Re: [Assp-user] Process order]

2007-01-10 Thread Kevin
Andreas Krüger wrote: I was trying that, but I don't understand the extreme blocking for the penalty box. If you will look in the Penalty Box configuration options you will note an Extreme Threshold option. When IP addresses reach a PB score matching or exceeding that option the IP is recorded

Re: [Assp-user] Invalid HELO format

2007-01-10 Thread Micheal Espinola Jr
Kevin wrote: Domain names must start with a letter and not a number, 53.com is NOT a valid domain name according to the RFCs (rfc1035 to be exact), however these are not followed to the letter all the time and thus we get names like that which violate that rule. I'm not sure but the

Re: [Assp-user] Invalid HELO format

2007-01-10 Thread Micheal Espinola Jr
Andreas Krüger wrote: I got spam mails from 53.com... I agree. I get nothing but spam from them, from multiple IPs within the same /24

Re: [Assp-user] Process order]

2007-01-10 Thread Fritz Borgstedt
Furthers, what is a forged helo? An invalid HELO greeting message used by SMTP servers. ASSP has an option to check connecting servers helo messages against the rfcs and optionally penalize them for having an invalid one. Personally I find this blocks more spambots. A forged helo is

Re: [Assp-user] Process order]

2007-01-10 Thread Kevin
Fritz Borgstedt wrote: Furthers, what is a forged helo? An invalid HELO greeting message used by SMTP servers. ASSP has an option to check connecting servers helo messages against the rfcs and optionally penalize them for having an invalid one. Personally I find this blocks more

Re: [Assp-user] help a journalist: what do you wish the CIO understood about figh

2007-01-10 Thread Fritz Borgstedt
A mailbox without Spam is like a private restroom, with Spam it looks like a public one. It is quality of life, what is here at stake. Fritz Borgstedt

[Assp-user] cc mail

2007-01-10 Thread Pascal Dreissen
Hi All, I have a question about this option: = Prepend Spam Subject to CC-mail If set spamSubject gets prepended to the subject of the CC-email. = Does this option prepend the spamsubject to ccspam AND ccham ? Wouldn't it be logical to do this only for ccspam ? Best regards, Pascal

Re: [Assp-user] cc mail

2007-01-10 Thread Fritz Borgstedt
Does this option prepend the spamsubject to ccspam AND ccham ? Wouldn't it be logical to do this only for ccspam ? yes, that was a bug. fixed.

Re: [Assp-user] Invalid HELO format

2007-01-10 Thread paul+as
On 10 Jan 2007 at 12:16, Kevin wrote: [EMAIL PROTECTED] wrote: On 10 Jan 2007 at 13:23, Ernesto Nieto wrote: When I go look in the maillog file, this is the corresponding log entry: Sender: Invalid HELO Format 'mailgw5.53.com' RE_E_mail_problems_ Now, I'm not up to snuff on the

Re: [Assp-user] Invalid HELO format

2007-01-10 Thread paul+as
On 10 Jan 2007 at 15:49, Micheal Espinola Jr wrote: Kevin wrote: Domain names must start with a letter and not a number, 53.com is NOT a valid domain name according to the RFCs (rfc1035 to be exact), however these are not followed to the letter all the time and thus we get names like

Re: [Assp-user] Invalid HELO format

2007-01-10 Thread Dave Emory
The syntax of a legal Internet host name was specified in RFC-952 [DNS:4]. One aspect of host name syntax is hereby changed: the restriction on the first character is relaxed to allow either a letter or a digit. Host software MUST support this more liberal syntax. Is

Re: [Assp-user] Invalid HELO format

2007-01-10 Thread Kevin
[EMAIL PROTECTED] wrote: The default validHeloRE as used by Ernesto obeys this more liberal rule, but the first part of his invalidFormatHeloRE is catching it, which is shown as the default but is not compliant. Remove '\d+[_.-]\d+[_.-]|' or put the name in 'don't block these helos' -

Re: [Assp-user] Invalid HELO format

2007-01-10 Thread Kevin
Dave Emory wrote: The syntax of a legal Internet host name was specified in RFC-952 [DNS:4]. One aspect of host name syntax is hereby changed: the restriction on the first character is relaxed to allow either a letter or a digit. Host software MUST support this more liberal

[Assp-user] Do you have multiple ASSP installs on same public IP?

2007-01-10 Thread Kevin
I'm currently re-working the statistics page/sql queries. I need some way to uniquely identify each ASSP install in order for the stats to be at least somewhat valid, the IP address would be the easiest and quickest way to do this but it would cause inconsistencies if there are multiple

Re: [Assp-user] Do you have multiple ASSP installs on same public IP?

2007-01-10 Thread Micheal Espinola Jr (mobile)
Maybe each assp install that uses the stats list can register and grab a unique hash that it will always use to identify itself. That way we don't capture ip's, but assp uses a unique hash as an identifier just for stats uniqueness. That should help maintain anonymity, oi? -- ME2 (mobile)

Re: [Assp-user] Do you have multiple ASSP installs on same public IP?

2007-01-10 Thread Micheal Espinola Jr (mobile)
PS. Someone tried to unlock the asspsmtp.org domain. We might be due for an attack. -- ME2 (mobile) -Original Message- From: Kevin [EMAIL PROTECTED] Date: Wednesday, Jan 10, 2007 8:59 pm Subject: [Assp-user] Do you have multiple ASSP installs on same public IP? I'm currently

Re: [Assp-user] Invalid HELO format

2007-01-10 Thread Dave Emory
Kevin wrote: Dave Emory wrote: The syntax of a legal Internet host name was specified in RFC-952 [DNS:4]. One aspect of host name syntax is hereby changed: the restriction on the first character is relaxed to allow either a letter or a digit. Host software MUST support this

Re: [Assp-user] POP and Port 110

2007-01-10 Thread Chris Norman
I wrote both the original merak PopB4SMTP routine and the revamped, 2nd one. I cut my teeth on Perl writing that function! The first one was very poor, but once I figured out the binary format of the file, I wrote the 2nd that takes the length of the IP address and prepends the IP with that

Re: [Assp-user] POP and Port 110

2007-01-10 Thread Chris Norman
I use PopB4SMTP. Wouldn't it stand to reason that even if a client knew what IP to spoof in a packet to cause your server to log the IP need to know a login / pw? And if so, doesn't that make the risk moot? Or, are we talking about something that may hi-jack your pop session via injection or

[Assp-user] URIBL failure question

2007-01-10 Thread Evan
I'm getting a URIBL failure Received-URIBL: fail (onlinebusinessshow.com.multi.surbl.org-127.0.0.16; ) where the domain listed in the logfile as the cause of the failure (which is indeed on a SURBL list), does NOT appear anywhere in the email itself. Is that even possible? This

Re: [Assp-user] URIBL failure question

2007-01-10 Thread Kevin
Evan wrote: I'm getting a URIBL failure Received-URIBL: fail (onlinebusinessshow.com.multi.surbl.org-127.0.0.16; ) where the domain listed in the logfile as the cause of the failure (which is indeed on a SURBL list), does NOT appear anywhere in the email itself. Is that even

Re: [Assp-user] URIBL failure question

2007-01-10 Thread Evan
Kevin wrote: Open the message in a text editor and check the source. Hi Kevin... I should have said up front, that I did that already. The reported failed URL onlinebusinessshow.com does not appear anywhere in the message source. If anybody wants to look at the source let me know and I'll be

Re: [Assp-user] Do you have multiple ASSP installs on same public IP?

2007-01-10 Thread Eric B.
Kevin [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] I'm currently re-working the statistics page/sql queries. I need some way to uniquely identify each ASSP install in order for the stats to be at least somewhat valid, the IP address would be the easiest and quickest way to do

Re: [Assp-user] POP and Port 110

2007-01-10 Thread Eric B.
Chris Norman [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] I wrote both the original merak PopB4SMTP routine and the revamped, 2nd one. I cut my teeth on Perl writing that function! The first one was very poor, but once I figured out the binary format of the file, I wrote the

Re: [Assp-user] Weight per test scoring

2007-01-10 Thread Eric B.
Fritz Borgstedt [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Now if I want to just block that one email, and not penalize the entire IP block, I would have to set PenaltyDuration to 0. Then the next email coming from that IP will be processed as normal. However, and here is the

[Assp-user] Log Parser for ASSP?

2007-01-10 Thread M. Waseem Sindhu
Hello, Has someone developed a free log parser for ASSP yet? There is one by Sawmill (http://www.sawmill.net/formats/anti_spam_smtpproxy.html), but that is kind of expensive. Regards, Muhammad Waseem Sindhu

Re: [Assp-user] Invalid HELO format

2007-01-10 Thread paul+as
On 10 Jan 2007 at 17:32, Dave Emory wrote: Is this compliant for the Invalidate the format of HELO regex? ^\d+\.\d+\.\d+\.\d+$|^[^\.]+\.?$ That's fine and the one I use. Stops dotted ip addresses and anything without a dot. paul