sorry to hang me for this post, but I would consult them taking
advantage of the conversation can be locked via e-mail comes without
sender? I'm getting a lot of spam that has this pattern.
Best regards,
Paul
2015-10-03 1:05 GMT-03:00 Philip Rhoades via spamdyke-users
<spamdyke-users@spamdyke.org>:
Sam,
On 2015-10-02 23:47, Sam Clippinger via spamdyke-users wrote:
I guess so, but remember the wildcarding uses globbing, not
regexes.
What I mean is: using "?*" is equivalent to just "*".
Right.
Also, the line
has to contain at least one colon or spamdyke won't use it (message
headers always use a colon to separate the field name from the
value).
Yep.
Why not just use multiple entries in the file? If either one
matches,
the message will be blocked and it'd be easier to understand:
From: *@skysoft.com [1] [1]
Reply-To: *@skysoft.com [1] [1]
Doubling the number of lines offends my sensibilities . . this
works:
[FR][re][op][ml]*:*iskysoft.com [2]*
Also, sorting this issue out forced me to sort out the rDNS problem
for my main web server - so thanks for that too!
Regards,
Phil.
-- Sam Clippinger
On Oct 2, 2015, at 4:34 AM, Philip Rhoades via spamdyke-users
<spamdyke-users@spamdyke.org> wrote:
On 2015-10-02 15:42, Philip Rhoades via spamdyke-users wrote:
Sam,
On 2015-09-26 01:12, Sam Clippinger via spamdyke-users wrote:
The header blacklist file has a different format from the sender
blacklist file, so just copying entries from one to the other won't
work. You need to provide a pattern that matches the line(s) in the
message header -- in your mail client, you should have an option to
"view message source" or "view raw headers" that will show you what
it
looks like. In this specific case, you probably want this:
Reply-To: *@skysoft.com [1] [1] [3]*
The format is case insensitive and uses globbing for wildcards, so *
will match multiple characters and [] will match a set or range of
characters, just like the bash command prompt. The filter will
ignore
any lines in the file that don't contain a colon. Full details here:
http://www.spamdyke.org/documentation/README.html#HEADERS [3] [2]
[4]
So if I wanted to block the same address for both From: and
Reply-To:
I could use:
[fr][re][op][ml].*@skysoft.com [1] [1]
[fr][re][op][ml]?*@skysoft.com [1] [1]
so "*" doesn't repeat only "[ml]" ?
?
Thanks,
Phil.
For testing, you certainly can use telnet -- I do it all the time.
Just make sure the host you telnet from isn't blocked or whitelisted
for some other reason (most folks whitelist localhost, for example).
-- Sam Clippinger
On Sep 25, 2015, at 1:31 AM, Philip Rhoades via spamdyke-users
<spamdyke-users@spamdyke.org> wrote:
Sam,
On 2015-09-15 07:27, Sam Clippinger via spamdyke-users wrote:
Actually, no. The sender-blacklist-* and recipient-blacklist-*
filters
operate on different data from the header-blacklist-* filters. The
reason is because the sender and recipient addresses are given
during
the SMTP protocol and aren't part of the message itself -- the
addresses you see in your mail client are the From and To entries
from
the message header. The first paragraph here explains in a little
more
detail:
http://www.spamdyke.org/documentation/README.html#REJECTING_SENDERS
[4]
[3]
[1]
[1]
Yes, sorry, I should have realised that . .
Put another way, the sender address doesn't have to match the
"From"
address visible in the mail client -- well-behaved mail clients
make
them the same, but that's a courtesy and not a requirement. The
Reply-To address is part of the message header and, again, is only
a
convention used by well-behaved clients. If you've ever been Bcc'd
on
a message, you've seen this in action -- the sender's mail client
gave
your address as a recipient but didn't put your address on the
"To"
line in the message header.
Right, so, some follow up questions: I moved the following from the
sender-blacklist to the header-blacklist:
@iskysoft.com [2] [2]
- first in the conf file then later into a separate
header-blacklist-file with all the massaged addresses from my old
setup - but the sender above still seems to be getting through. I
thought the "@" was supposed to act like a wild card? Am I still
doing something wrong?
When I add addresses etc to blacklists etc, is there any way of
doing a test myself to see that the block is working? Using a telnet
to port 25 on my qmail server and manually pasting header lines is
not a real test is it?
Thanks,
Phil.
-- Sam Clippinger
On Sep 13, 2015, at 9:20 PM, Philip Rhoades via spamdyke-users
<spamdyke-users@spamdyke.org> wrote:
Sam,
On 2015-09-14 11:38, Sam Clippinger via spamdyke-users wrote:
I'm not entirely sure I understand your question... if the
Reply-To
address is always the same, you should be able to block it using
the
header blacklist filter.
Ah . . OK - I will try that but doesn't that mean that:
sender-blacklist-entry
is redundant - ie:
header-blacklist-entry
should cover everything?
Thanks,
Phil.
If you're wanting to compare the Reply-To
address to the From address or the sender address, spamdyke
doesn't
have that ability.
-- Sam Clippinger
On Sep 13, 2015, at 4:11 PM, Philip Rhoades via spamdyke-users
<spamdyke-users@spamdyke.org> wrote:
People,
One variety of spam that is successfully delivered to me has a
different "From:" addresses but the same "Reply-To:" address - I
can't see a way of blocking these mails in the conf file via the
"Reply-To:" address - is it possible?
Thanks,
Phil.
--
Philip Rhoades
PO Box 896
Cowra NSW 2794
Australia
E-mail: p...@pricom.com.au
_______________________________________________
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users [5]
_______________________________________________
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users [5]
--
Philip Rhoades
PO Box 896
Cowra NSW 2794
Australia
E-mail: p...@pricom.com.au
_______________________________________________
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users [5]
Links:
------
[1]
http://www.spamdyke.org/documentation/README.html#REJECTING_SENDERS
[4]
_______________________________________________
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users [5]
--
Philip Rhoades
PO Box 896
Cowra NSW 2794
Australia
E-mail: p...@pricom.com.au
_______________________________________________
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users [5]
Links:
------
[1]
http://www.spamdyke.org/documentation/README.html#REJECTING_SENDERS
[4]
[2] http://iskysoft.com [2]
[3] http://skysoft.com [1]
[4] http://www.spamdyke.org/documentation/README.html#HEADERS [3]
_______________________________________________
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users [5]
--
Philip Rhoades
PO Box 896
Cowra NSW 2794
Australia
E-mail: p...@pricom.com.au
_______________________________________________
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users [5]
Links:
------
[1] http://skysoft.com [1]
[2] http://www.spamdyke.org/documentation/README.html#HEADERS [3]
[3]
http://www.spamdyke.org/documentation/README.html#REJECTING_SENDERS
[4]
_______________________________________________
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users [5]
