Hi
In both cases, they don't provide any serious study. they only show
numbers that go with their claims. I don't know for others, but my logs
don't seem to confirm theirs.
Where do they show numbers? Could not find any.
and the slowdown thing is based on the theory that spammers have
Bob Cohen wrote:
I'm seeing these entries in my maillog:
May 19 18:16:41 anduril postfix/qmgr[10162]: warning: connect to
transport spamfilter: No such file or directory
May 19 18:16:42 anduril postfix/qmgr[10162]: warning: connect to
transport spamassassin: Connection refused
which
Hello, I just found a problem with a shortcircuit rule in my sa
installation (3.2.4)!
I have defined in local.cf:
header MAILMAN ALL =~
/-(bounces|confirm|join|leave|request|subscribe|unsubscribe)[EMAIL PROTECTED]/i
describeMAILMAN Mailman whitelisted
shortcircuit
Thank you for taking the time to report this. We've audited this
sender; they are a social network, where users can communicate within a
network or users inviting friends to join a forum. The sender also
implemented Captcha as part of the registration. We are working to find
out more of the how
Yes but the invite option may be abused. Like yahoo calendar invites are
abused to send spam
On Tue, 2008-05-20 at 03:23 -0700, Eloise Carlton wrote:
Thank you for taking the time to report this. We've audited this
sender; they are a social network, where users can communicate within a
ram wrote:
Yes but the invite option may be abused. Like yahoo calendar invites are
abused to send spam
Mailing-Lists also can be abused (try to subscribe with a forged address).
the question is
- can the abuser put his text or url inside the message? If so, the site
should run the text
On 20.05.08 12:06, Michael Geiger wrote:
Hello, I just found a problem with a shortcircuit rule in my sa
installation (3.2.4)!
shortcircuiting is not as easy as it seems. Many kinds of different checks
are run in parallel, some are run before others. To get shortcircuit
working, you must
Matus UHLAR - fantomas schrieb:
On 20.05.08 12:06, Michael Geiger wrote:
Hello, I just found a problem with a shortcircuit rule in my sa
installation (3.2.4)!
shortcircuiting is not as easy as it seems. Many kinds of different checks
are run in parallel, some are run before others. To get
Hello, list. I've been wondering how to stop traffic from certain
hosts which only seem to distribute spam. I'm tired of reporting the
emails to their ISP, Spamcop, etc. Since the servers are identically
configured (they seem to be virtual machines fired up/cloned from the
same template), and have
Luis Hernán Otegui wrote:
Hello, list. I've been wondering how to stop traffic from certain
hosts which only seem to distribute spam. I'm tired of reporting the
emails to their ISP, Spamcop, etc. Since the servers are identically
configured (they seem to be virtual machines fired up/cloned from
Matt Kettler wrote:
Luis Hernán Otegui wrote:
Hello, list. I've been wondering how to stop traffic from certain
hosts which only seem to distribute spam. I'm tired of reporting the
emails to their ISP, Spamcop, etc. Since the servers are identically
configured (they seem to be virtual machines
I received the following this morning when I tried a lint, it would have
occurred after an automated update this morning using sa-update. I tried
searching it online, but didn't find anything on it?
rules: failed to run __GATED_THROUGH_RCVD_REMOVER test, skipping:
(Can't locate object
Kevin Plested wrote:
I received the following this morning when I tried a lint, it would have
occurred after an automated update this morning using sa-update. I tried
searching it online, but didn't find anything on it?
rules: failed to run __GATED_THROUGH_RCVD_REMOVER test, skipping:
2008/5/20 mouss [EMAIL PROTECTED]:
Matt Kettler wrote:
Luis Hernán Otegui wrote:
Hello, list. I've been wondering how to stop traffic from certain
hosts which only seem to distribute spam. I'm tired of reporting the
emails to their ISP, Spamcop, etc. Since the servers are identically
mouss writes:
Kevin Plested wrote:
I received the following this morning when I tried a lint, it would have
occurred after an automated update this morning using sa-update. I tried
searching it online, but didn't find anything on it?
rules: failed to run
Greetings.
I'm running spamd 3.2.4 alongside my stock Qmail
installation (passing messages over ip sockets via the
qmail-queue patch) on Ubuntu 8.04. Because this is a
site-wide config, in previous distros I'd been able to
successfully get both the parent spamd process and the
spamd child
I am moving from old smtp(MX)/amavisd/spamassassin server to a
new smtp(MX)/amavisd/spamassassin server
I will be forwarding particular users email from the old server to the
new server as they are moved by using an alias in /etc/postfix/aliases.
I wish the new server to receive
On May 3, 2008, at 7:59 PM, Matt Kettler wrote:
Have you tried running one of the forged messages, and an actual
legitimate message through SA manually with the -D flag to see
what the trusted and untrusted hosts are, as SA sees it?
Yes. Many times. That's not the point of this thread.
I
Let's focus this on specific technical details:
1. How does AWL deal with forgery (other than by saving a /16 of the
source IP)
2. How can I easily see the AWL database for a given destination
address?
Hi everyone, I'm back from vacation and want to pick up where I left
off. I had offered to let anyone use one of my hosts.
tarbaby.junkemailfilter.com
as your highest numbered MX. The idea being that I would always return a
451 error. You would gain some spam reduction and I would gain
mouss, please do a little research before you go online attacking
people. Your statements about what work and don't have no backup, and
go against all existing evidence today, and yet you're blasting them
for lack of serious study. Try to do some yourself.
On May 19, 2008, at 11:46 AM,
On May 19, 2008, at 2:05 PM, Benny Pedersen wrote:
On Mon, May 19, 2008 20:18, Ralf Hildebrandt wrote:
To be fair (I'm testing it right now): It's easy to get running.
Right now the Tarpit and slowdown features cannot be had in Postfix,
so I'm giving it a spin.
give longer greylist times will
On May 19, 2008, at 11:43 PM, Koopmann, Jan-Peter wrote:
So yes: If their main benefit is tarpitting etc. then I agree it
probably is not worth the money or discussion.
Why is everyone willing to skip doing 5 minutes of research?
Mailchannels idea may not work for you. But it's worth doing
Why is everyone willing to skip doing 5 minutes of research?
I did.
Mailchannels idea may not work for you. But it's worth doing a bit of
research.
Oh the idea is nice. But there are others out there that - from my
personal perspective - are doing this stuff much better, at least from
continuing
This project is targeted mostly at harvesting the IP addresses of virus
infected spambots. First - some background.
I virus infected spambot sends email differently than SMTP servers and
there is enough difference that they can usually be detected on the
first attempt to
... continued
As I said in my last mesage. The High MX no quit spambot detectors will
send UDP messages to a receiving server that listens for these messages
and processes them into blacklists.
What I'm doing is just using SOCAT to listen. But doing it right you
might want to use a real
Jo Rhett wrote:
mouss, please do a little research
I did. I may get things wrong, and would be pleased to get corrected. so
please share your knowledge.
before you go online attacking people.
if discussion is considered as an attack, ...
Your statements about what work and don't have no
Jo Rhett wrote:
On May 19, 2008, at 11:43 PM, Koopmann, Jan-Peter wrote:
So yes: If their main benefit is tarpitting etc. then I agree it
probably is not worth the money or discussion.
Why is everyone willing to skip doing 5 minutes of research?
Mailchannels idea may not work for you.
Jo Rhett writes:
Let's focus this on specific technical details:
1. How does AWL deal with forgery (other than by saving a /16 of the
source IP)
No other way. What's wrong with saving a /16? In my experience it's
worked pretty well for the past few years...
2. How can I easily see the
On Tue, May 20, 2008 15:48, Luis Hernán Otegui wrote:
Here are two examples:
http://pastebin.com/m2a039236
http://pastebin.com/m5f77a5a4
both are good candidates for training bayes
just dont whitelist spam domains, it gets spf_pass that only says domain owner
have assigned it good relay,
On Tue, May 20, 2008 16:08, Matt Kettler wrote:
Why get SPF involved? Just blacklist the domain with blacklist_from
[EMAIL PROTECTED]
bad example :-)
SPF is useful to prevent forgery, but if a spammer wants to forge a
domain you've blacklisted.. well, more power to em.
default
On Tue, May 20, 2008 22:07, Justin Mason wrote:
No other way. What's wrong with saving a /16? In my experience it's
worked pretty well for the past few years...
when mails is from [EMAIL PROTECTED] to [EMAIL PROTECTED] this should kill the
attempt to get negative scores
but positive should
On Tue, May 20, 2008 19:23, Jo Rhett wrote:
give longer greylist times will do without marketing :-)
It will slow down real user's mail a lot too.
real mail servers is
1: known
2: can be bypassed in greylist on that fact #1
Benny Pedersen
Need more webspace ?
The whole error that shows when running spamassassin -D -r spam is:
[16283] warn: reporter: razor2 report failed: No such file or directory
reporter: razor2 had unknown error during authenticate
at /usr/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/Plugin/Razor2.pm line
217, GEN2 line 1.
at
Benny Pedersen wrote:
On Tue, May 20, 2008 16:08, Matt Kettler wrote:
Why get SPF involved? Just blacklist the domain with blacklist_from
[EMAIL PROTECTED]
bad example :-)
Agreed..
SPF is useful to prevent forgery, but if a spammer wants to forge a
domain you've blacklisted..
Jo Rhett wrote:
On May 3, 2008, at 7:59 PM, Matt Kettler wrote:
Have you tried running one of the forged messages, and an actual
legitimate message through SA manually with the -D flag to see what
the trusted and untrusted hosts are, as SA sees it?
Yes. Many times. That's not the point of
36 matches
Mail list logo