Re: SOUGHT 2.0 ?

2014-11-13 Thread Kevin Golding
On Thu, 13 Nov 2014 02:17:54 -, Ian Zimmerman i...@buug.org wrote: On Sat, 01 Nov 2014 10:06:57 -, Kevin Golding k...@caomhin.org wrote: Kevin So anyone else want to raise their hands? It depends. Would I mind a bit of regular maintenance work? No, I wouldn't mind. Would I mind a

Re: SOUGHT 2.0 ?

2014-11-13 Thread Anthony Cartmell
As Alex has said there's a need for mirrors etc. - that could potentially be the biggest impact on volunteers (assuming they offer to help with that aspect) since they will be a more public facing contribution and it would be great if it didn't spend more time offline than online. What

Re: SOUGHT 2.0 ?

2014-11-13 Thread Axb
On 11/13/2014 12:54 PM, Anthony Cartmell wrote: As Alex has said there's a need for mirrors etc. - that could potentially be the biggest impact on volunteers (assuming they offer to help with that aspect) since they will be a more public facing contribution and it would be great if it didn't

Re: Spams with dot link or European Union suffixes

2014-11-13 Thread Kevin A. McGrail
On 11/12/2014 8:23 PM, John Hardin wrote: It's possible that the maintainers of DOB don't have access to the .eu or .link TLD registrar feeds. If you come across one of these again, try: We looked at this yesterday, actually. Joe found that the DOB RBL does not list .eu or .link domains.

Re: 163.com

2014-11-13 Thread Reindl Harald
On 12.11.2014 at 18:45, Joe Quinn wrote: We've been getting hammered by spam from 163.com for quite a while now, and I really /really/ want to blacklist it, but it's one of the largest websites in the world. Everything I have found on Google points to them being blatant spammers, down to the

Missing Modules

2014-11-13 Thread Niamh Holding
OS CentOS 6.4 yum only offers 3.3.1-3.el6 So I'm building 3.4.0 from source but Makefile.PL reports missing modules, should these be installed from CPAN? *** NOTE: the optional Mail::SPF module is not installed. Used

Re: Missing Modules

2014-11-13 Thread Axb
On 11/13/2014 03:09 PM, Niamh Holding wrote: OS CentOS 6.4 6.4 is old - centos 6.6 (do you seriously make a point of running old versions?) yum only offers 3.3.1-3.el6 forget SA from YUM /Distro packages. - it ties you to, as Benny sez, precompiled problems :) So I'm building 3.4.0

Re: Missing Modules

2014-11-13 Thread Matus UHLAR - fantomas
On 13.11.14 14:09, Niamh Holding wrote: OS CentOS 6.4 yum only offers 3.3.1-3.el6 So I'm building 3.4.0 from source but Makefile.PL reports missing modules, should these be installed from CPAN? ...via yum, whenever possible -- Matus UHLAR - fantomas, uh...@fantomas.sk ;

Re: Missing Modules

2014-11-13 Thread Matus UHLAR - fantomas
On 11/13/2014 03:09 PM, Niamh Holding wrote: OS CentOS 6.4 6.4 is old - centos 6.6 (do you seriously make a point of running old versions?) yum only offers 3.3.1-3.el6 On 13.11.14 15:21, Axb wrote: forget SA from YUM /Distro packages. - it ties you to, as Benny sez, precompiled problems

Re: Missing Modules

2014-11-13 Thread Giles Coochey
On 13/11/2014 14:21, Axb wrote: On 11/13/2014 03:09 PM, Niamh Holding wrote: OS CentOS 6.4 6.4 is old - centos 6.6 (do you seriously make a point of running old versions?) yum only offers 3.3.1-3.el6 forget SA from YUM /Distro packages. - it ties you to, as Benny sez, precompiled

Re: Missing Modules

2014-11-13 Thread Reindl Harald
On 13.11.2014 at 15:21, Axb wrote: On 11/13/2014 03:09 PM, Niamh Holding wrote: OS CentOS 6.4 6.4 is old - centos 6.6 (do you seriously make a point of running old versions?) yum only offers 3.3.1-3.el6 forget SA from YUM /Distro packages. - it ties you to, as Benny sez, precompiled

Re: 163.com

2014-11-13 Thread Noel Butler
blatant spammers for well over _10_ years, I don't know one admin in APAC who has not blocked them a loong time ago, I also question the one of the largest in the world rubbish too, maybe from China's point of view they might be, but not from this part of the world On 13/11/2014 03:45,

Re: Missing Modules

2014-11-13 Thread Axb
On 11/13/2014 03:35 PM, Matus UHLAR - fantomas wrote: On 11/13/2014 03:09 PM, Niamh Holding wrote: OS CentOS 6.4 6.4 is old - centos 6.6 (do you seriously make a point of running old versions?) yum only offers 3.3.1-3.el6 On 13.11.14 15:21, Axb wrote: forget SA from YUM /Distro

Re: Missing Modules

2014-11-13 Thread Axb
On 11/13/2014 03:34 PM, Giles Coochey wrote: I avoid the distribution perl completely, and use perlbrew and spamassassin 3.4.0 compiled from source, with a specific perlbrew perl version I avoid breaking the version of perl that comes with the system and can satisfy all dependencies via CPAN.

Re: Missing Modules

2014-11-13 Thread Kevin A. McGrail
On 11/13/2014 9:51 AM, Axb wrote: On 11/13/2014 03:34 PM, Giles Coochey wrote: I avoid the distribution perl completely, and use perlbrew and spamassassin 3.4.0 compiled from source, with a specific perlbrew perl version I avoid breaking the version of perl that comes with the system and can

Re: Missing Modules

2014-11-13 Thread Axb
On 11/13/2014 03:42 PM, Reindl Harald wrote: On 13.11.2014 at 15:21, Axb wrote: On 11/13/2014 03:09 PM, Niamh Holding wrote: OS CentOS 6.4 6.4 is old - centos 6.6 (do you seriously make a point of running old versions?) yum only offers 3.3.1-3.el6 forget SA from YUM /Distro packages.

Re: SOUGHT 2.0 ?

2014-11-13 Thread Tom Johnson
We (MailRoute) would be happy to pitch in. We can host mirrors in a couple of datacenters (Los Angeles and Chicago). And we'll help out wherever else we can. Tom

Re: 163.com

2014-11-13 Thread Axb
On 11/13/2014 03:44 PM, Noel Butler wrote: blatant spammers for well over _10_ years, I don't know one admin in APAC who has not blocked them a loong time ago, I also question the one of the largest in the world rubbish too, maybe from China's point of view they might be, but not from

Re: Missing Modules

2014-11-13 Thread Reindl Harald
On 13.11.2014 at 15:55, Axb wrote: On 11/13/2014 03:42 PM, Reindl Harald wrote: On 13.11.2014 at 15:21, Axb wrote: On 11/13/2014 03:09 PM, Niamh Holding wrote: OS CentOS 6.4 6.4 is old - centos 6.6 (do you seriously make a point of running old versions?) yum only offers 3.3.1-3.el6

Re: Missing Modules

2014-11-13 Thread Niamh Holding
Hello Axb, Thursday, November 13, 2014, 2:21:44 PM, you wrote: (do you seriously make a point of running old versions?) If it ain't broke don't mess with it! Given that the other server is now dead after the suggested yum update :( Dead as in booting up from a spare disk in the raid assay

Re: Missing Modules

2014-11-13 Thread Axb
On 11/13/2014 04:22 PM, Niamh Holding wrote: Hello Axb, Thursday, November 13, 2014, 2:21:44 PM, you wrote: (do you seriously make a point of running old versions?) If it ain't broke don't mess with it! what about security updates? Given that the other server is now dead after the

Re: Missing Modules

2014-11-13 Thread Axb
On 11/13/2014 04:17 PM, Reindl Harald wrote: least effort *now* but in 3 years on that machine... that gives the victim enough time to learn the process and apply to a new setup... and you're suggesting he change distro no, i just said if you bypass the package management, bring manual

Re: Missing Modules

2014-11-13 Thread Niamh Holding
Hello Axb, Thursday, November 13, 2014, 3:40:53 PM, you wrote: the lady can start a weekend knowing the box is tagging spam. First I have to get the damned ISP to stop blocking port 53 so the world knows where to send the spam. Most of yesterday was spent trying to work out why DNS was

Re: Missing Modules

2014-11-13 Thread Niamh Holding
Hello Axb, Thursday, November 13, 2014, 3:29:00 PM, you wrote: what about security updates? Bash and ssl were addressed when announced. A spare array disk should only be a crutch till you replace the original disk.. simple BCP. It's not a crutch it's booting up to how the server was 2

Re: Missing Modules

2014-11-13 Thread Benny Pedersen
On November 13, 2014 3:55:05 PM Axb axb.li...@gmail.com wrote: Pls stay in your hole and allow me to get this guy off this thread. http://www.centos.org/ seem centos 7 is there now, but its still a problem if there is no maintainers of spamassassin there, rule updates with iso files, hmm

Re: Missing Modules

2014-11-13 Thread Niamh Holding
Hello Benny, Thursday, November 13, 2014, 4:29:32 PM, you wrote: if there is no maintainers of spamassassin there That's why I build from source, I'm not aware of a 3.4.0 rpm either. -- Best regards, Holtain mailto:holt...@hotmail.com

Re: Hacked sites: dropbox/googlebox/banking/newgdoc

2014-11-13 Thread Paul Stead
Recent: http://www[.]ygdholdings[.]com/bankline/message[.]php On 08/11/14 15:19, Reindl Harald wrote: On 04.11.2014 at 11:30, Axb wrote: On 11/04/2014 02:31 AM, David Jones wrote: Can someone post an example of this latest version to pastebin? I filter for over 90,000 mailboxes and don't

Re: Missing Modules

2014-11-13 Thread John Hardin
On Thu, 13 Nov 2014, Kevin A. McGrail wrote: I disagree. I often tell people to put a screwdriver near the server and convince it you will dismantle it AND you don't know how to rebuild it. Keeps the server on its toes far better than if it thinks we know what we're doing... That and put

Re: Hacked sites: dropbox/googlebox/banking/newgdoc

2014-11-13 Thread Axb
lucky you.. you got it early: right now: ygdholdings.com listed on black.uribl.com ygdholdings.com listed on jp.surbl.org ygdholdings.com listed on mw.surbl.org ygdholdings.com listed on uri.invaluement.com On 11/13/2014 05:49 PM, Paul Stead wrote: Recent:

Rules for testing

2014-11-13 Thread Paul Stead
Hey guys, I've developed a few rules which seem to be hitting well, could I get these into the sandbox? TO_EQ_FROM_NAME will match headers that look like the following: From: t...@example.com u...@anotherdomain.com To: t...@example.com 8 header __PDS_TO_EQ_FROM_NAME_1

Re: Rules for testing

2014-11-13 Thread Axb
On 11/13/2014 06:07 PM, Paul Stead wrote: Hey guys, I've developed a few rules which seem to be hitting well, could I get these into the sandbox? TO_EQ_FROM_NAME will match headers that look like the following: From: t...@example.com u...@anotherdomain.com To: t...@example.com 8

.co.at

2014-11-13 Thread Axb
snowshoe... high fashion May cause FPs co.at is a subdomain hoster/pseudo tld uri AXB_URI_WHATCOAT /http\:\/\/\w+\.co\.at\// won't last long...

Re: .co.at

2014-11-13 Thread Mark Martinec
snowshoe... high fashion May cause FPs co.at is a subdomain hoster/pseudo tld uri AXB_URI_WHATCOAT /http\:\/\/\w+\.co\.at\// uri AXB_URI_WHATCOAT m{http://\w+\.co\.at/} http://en.wikipedia.org/wiki/Leaning_toothpick_syndrome :) Mark

Re: Rules for testing

2014-11-13 Thread Paul Stead
I was under the assumption that header matches only match the single line, The subject repeat one: Subject: Re: Hello Re: Hello Wouldn't the second line become the Re: header? The same with the From:/To: headers - I'm comparing the two headers - is there a better way? Paul On 13/11/14

Re: Rules for testing

2014-11-13 Thread John Hardin
On Thu, 13 Nov 2014, Paul Stead wrote: I've developed a few rules which seem to be hitting well, could I get these into the sandbox? TO_EQ_FROM_NAME will match headers that look like the following: From: t...@example.com u...@anotherdomain.com To: t...@example.com I'll review that and add

Re: .co.at

2014-11-13 Thread Axb
On 11/13/2014 06:55 PM, Mark Martinec wrote: snowshoe... high fashion May cause FPs co.at is a subdomain hoster/pseudo tld uri AXB_URI_WHATCOAT /http\:\/\/\w+\.co\.at\// uri AXB_URI_WHATCOAT m{http://\w+\.co\.at/} http://en.wikipedia.org/wiki/Leaning_toothpick_syndrome :) hmpf

Re: Rules for testing

2014-11-13 Thread John Hardin
On Thu, 13 Nov 2014, Paul Stead wrote: I was under the assumption that header matches only match the single line, The subject repeat one: Subject: Re: Hello Re: Hello Wouldn't the second line become the Re: header? If the Re: is actually *not* indented, yes. You are correct. The same

Re: Rules for testing

2014-11-13 Thread Axb
On 11/13/2014 06:55 PM, Paul Stead wrote: I was under the assumption that header matches only match the single line, The subject repeat one: Subject: Re: Hello Re: Hello Wouldn't the second line become the Re: header? The same with the From:/To: headers - I'm comparing the two headers - is

Re: Rules for testing

2014-11-13 Thread Paul Stead
Sending examples for testing: http://pastebin.com/J0R1AYdw - SUBJECT_REPEAT http://pastebin.com/v6BD4m2V - TO_EQ_FROM_NAME / FROM_2_EMAILS http://pastebin.com/pbqUn9qw - FROM_2_EMAILS Paul On 13/11/14 17:55, Paul Stead wrote: I was under the assumption that header matches only match the

Re: Rules for testing

2014-11-13 Thread Paul Stead
On 13/11/14 18:01, John Hardin wrote: There's already hacked-wordpress rules in testing. I'll compare to existing and see if this is already covered, can be merged neatly, or would be a variant subrule. The testing sub-rule was mine - this is slightly adjusted. The rules in sandbox for

Re: .co.at

2014-11-13 Thread Reindl Harald
On 13.11.2014 at 18:41, Axb wrote: snowshoe... high fashion May cause FPs co.at is a subdomain hoster/pseudo tld no, it's the same as co.uk and on the same level as .at itself, meaning you and anybody else can register it by nic.at (the official registry for .at) or an approved

Re: Missing Modules

2014-11-13 Thread Niamh Holding
Hello Axb, Thursday, November 13, 2014, 5:45:02 PM, you wrote: sometimes a small hint can save time and frustration... are you nearly there by now? Looks not too bad, even if for reasons stated I can only test from within the LAN- Nov 13 18:24:21 magnesium spamd[21634]: spamd: connection

Re: Rules for testing

2014-11-13 Thread Paul Stead
On 13/11/14 18:01, John Hardin wrote: On Thu, 13 Nov 2014, Paul Stead wrote: TO_EQ_FROM_NAME will match headers that look like the following: From: t...@example.com u...@anotherdomain.com To: t...@example.com I'll review that and add it to my sandbox with the other TO_EQ_FROM rules. I've

Re: Missing Modules

2014-11-13 Thread Reindl Harald
On 13.11.2014 at 19:26, Niamh Holding wrote: Though spamassassin doesn't currently appear in the chkconfig --list chkconfig --add spamassassin [harry@srv-rhsoft:~]$ chkconfig --help chkconfig Version 1.3.63 - Copyright (C) 1997-2008 Red Hat, Inc. Kostenlose Weitergabe unter den Bedingungen

Re: .co.at

2014-11-13 Thread Axb
On 11/13/2014 07:20 PM, Reindl Harald wrote: On 13.11.2014 at 18:41, Axb wrote: snowshoe... high fashion May cause FPs co.at is a subdomain hoster/pseudo tld no, it's the same as co.uk and on the same level as .at itself, meaning you and anybody else can register it by nic.at (the

Re: Missing Modules

2014-11-13 Thread Axb
On 11/13/2014 07:26 PM, Niamh Holding wrote: Hello Axb, Thursday, November 13, 2014, 5:45:02 PM, you wrote: sometimes a small hint can save time and frustration... are you nearly there by now? Looks not too bad, even if for reasons stated I can only test from within the LAN- Nov 13

Re: .co.at

2014-11-13 Thread Axb
On 11/13/2014 07:31 PM, Axb wrote: On 11/13/2014 07:20 PM, Reindl Harald wrote: On 13.11.2014 at 18:41, Axb wrote: snowshoe... high fashion May cause FPs co.at is a subdomain hoster/pseudo tld no, it's the same as co.uk and on the same level as .at itself, meaning you and anybody

Re: SOUGHT 2.0 ?

2014-11-13 Thread Ian Zimmerman
On Thu, 13 Nov 2014 09:28:30 -, Kevin Golding k...@caomhin.org wrote: Kevin The main thing that's going to be needed is good, reliable, Kevin data. We'll only get good rules with good feeds. That should be Kevin fairly low impact for people in many respects. Kevin Obviously there's always

Re: Rules for testing

2014-11-13 Thread Paul Stead
On 13/11/14 17:07, Paul Stead wrote: FROM_2_EMAILS - inspired by the Khopesh rule of the same name. Matches when the from name contains an email address different to the from address, such as: From: t...@example.com u...@anotherdomain.com 8 header __PDS_FROM_2_EMAILS From =~

Re: Missing Modules

2014-11-13 Thread Niamh Holding
Hello Axb, Thursday, November 13, 2014, 6:33:35 PM, you wrote: or are you using procmail? Yep :0fw spamassassin.lock * 512000 | /usr/local/bin/spamc -u spamtest # | /usr/local/bin/spamassassin # All mail with a score 10 is dumped to /dev/null :0 * ^X-Spam-Level: \*\*\*\*\*\*\*\*\*\*

Re: Missing Modules

2014-11-13 Thread Axb
On 11/13/2014 07:50 PM, Niamh Holding wrote: Hello Axb, Thursday, November 13, 2014, 6:33:35 PM, you wrote: or are you using procmail? Yep :0fw spamassassin.lock * 512000 | /usr/local/bin/spamc -u spamtest # | /usr/local/bin/spamassassin # All mail with a score 10 is dumped to /dev/null

Re: .co.at

2014-11-13 Thread Reindl Harald
On 13.11.2014 at 20:02, Axb wrote: do I get it right? you work for .co.at? no you still refuse to understand what .co.at is .co.at === .at if yes, what's the deal with this institution allowing spammers such a blast of sudden abuse? that's not an institution .co.at is as well as .at the

Re: Missing Modules

2014-11-13 Thread Niamh Holding
Hello Axb, Thursday, November 13, 2014, 6:56:05 PM, you wrote: so spamd is running? Something started it so now you gotta find it to make sure you can stop/start the service if required. Me started it- service spamassassin start :) I had the init scripts in a backup from the main server.

Re: .co.at

2014-11-13 Thread Axb
On 11/13/2014 08:06 PM, Reindl Harald wrote: On 13.11.2014 at 20:02, Axb wrote: do I get it right? you work for .co.at? no you still refuse to understand what .co.at is .co.at === .at if yes, what's the deal with this institution allowing spammers such a blast of sudden abuse? that's

Re: Missing Modules

2014-11-13 Thread Reindl Harald
On 13.11.2014 at 20:10, Niamh Holding wrote: Hello Axb, Thursday, November 13, 2014, 6:56:05 PM, you wrote: so spamd is running? Something started it so now you gotta find it to make sure you can stop/start the service if required. Me started it- service spamassassin start :) I had the

Re: .co.at

2014-11-13 Thread Reindl Harald
On 13.11.2014 at 20:06, Reindl Harald wrote: On 13.11.2014 at 20:02, Axb wrote: do I get it right? you work for .co.at? no you still refuse to understand what .co.at is .co.at === .at if yes, what's the deal with this institution allowing spammers such a blast of sudden abuse? that's

Re: .co.at

2014-11-13 Thread Jonathan Siegle
On 2014-11-13 at 20:18, Reindl Harald wrote: please give me a list of .co.at domains blowing out junk Here is one I just received: Received: from 0934796b.explosis.co.at (29nty.explosis.co.at [67.136.233.21]) by tr11n04.aset.psu.edu (8.14.5/8.14.5) with ESMTP id sADJPBTs19595484

Re: .co.at

2014-11-13 Thread Axb
On 11/13/2014 08:11 PM, John Hardin wrote: On Thu, 13 Nov 2014, Axb wrote: On 11/13/2014 07:50 PM, Reindl Harald wrote: On 13.11.2014 at 19:42, David B Funk wrote: Recently (in the past few days) I've seen a flood of spam that have spamvertized websites registered in the .co.at domain

Re: .co.at

2014-11-13 Thread Axb
On 11/13/2014 08:18 PM, Reindl Harald wrote: please give me a list of .co.at domains blowing out junk in this thread I already posted a pastebin link to the last ones I've seen. i have a special whois and can look if they all are registered by the same registrar and if that is the case i

Re: .co.at

2014-11-13 Thread Reindl Harald
On 13.11.2014 at 20:33, Axb wrote: On 11/13/2014 08:18 PM, Reindl Harald wrote: please give me a list of .co.at domains blowing out junk in this thread I already posted a pastebin link to the last ones I've seen. sorry, maybe i missed that i have a special whois and can look if they

whitelist limitations

2014-11-13 Thread Justin Edmands
We have a few thousand vendors in our websites database that I would like to add to a whitelist. I am thinking of creating a /etc/mail/spamassassin/corewhitelist.cf from this database. What are the limitations/repercussions of using a sitewide whitelist? If I have 2000 addresses in the

Re: whitelist limitations

2014-11-13 Thread Reindl Harald
On 13.11.2014 at 21:08, Justin Edmands wrote: We have a few thousand vendors in our websites database that I would like to add to a whitelist. I am thinking of creating a /etc/mail/spamassassin/corewhitelist.cf from this database. What are the limitations/

Re: whitelist limitations

2014-11-13 Thread David B Funk
On Thu, 13 Nov 2014, Justin Edmands wrote: We have a few thousand vendors in our websites database that I would like to add to a whitelist. I am thinking of creating a /etc/mail/spamassassin/corewhitelist.cf from this database. What are the limitations/ repercussions of using a sitewide

Re: whitelist limitations

2014-11-13 Thread Axb
On 11/13/2014 09:08 PM, Justin Edmands wrote: We have a few thousand vendors in our websites database that I would like to add to a whitelist. I am thinking of creating a /etc/mail/spamassassin/corewhitelist.cf from this database. What are the limitations/repercussions of using a sitewide

Re: whitelist limitations

2014-11-13 Thread David F. Skoll
On Thu, 13 Nov 2014 15:08:40 -0500 Justin Edmands shockwav...@gmail.com wrote: What if this list grows to 2 entries? How are you calling SpamAssassin? Maybe you should build (for example) a Berkeley DB of whitelisted addresses and simply skip SpamAssassin for those ones, assuming the

Re: whitelist limitations

2014-11-13 Thread John Hardin
On Thu, 13 Nov 2014, Justin Edmands wrote: We have a few thousand vendors in our websites database that I would like to add to a whitelist. I am thinking of creating a /etc/mail/spamassassin/corewhitelist.cf from this database. What are the limitations/repercussions of using a sitewide

Re: whitelist limitations

2014-11-13 Thread Benny Pedersen
On November 14, 2014 12:54:15 AM John Hardin jhar...@impsec.org wrote: It might be more efficient to whitelist them in your MTA at the glue level - i.e., if an email comes from their MTA, don't even pass it to SA at all. One draw back is that ham learning is not using content from auth

dealing with mail not yet listed in network tests

2014-11-13 Thread listsb-spamassassin
hi- i've recently asked about essentially this same topic on the postfix-users mailing list, so apologies to those subjected to the repetition. the topic came up for me a couple of weeks ago when i asked about duplicate spam that was scoring low the first time it was received:

Re: dealing with mail not yet listed in network tests

2014-11-13 Thread John Hardin
On Thu, 13 Nov 2014, listsb-spamassas...@bitrate.net wrote: all of the emotional postulative opining aside, one possibility i have been considering is having postfix delay relay of messages to the content filter for a few minutes, as it seems that when these messages reach us, they're only

Re: dealing with mail not yet listed in network tests

2014-11-13 Thread Matthias Leisi
On Fri, Nov 14, 2014 at 6:35 AM, John Hardin jhar...@impsec.org wrote: if you're in a business environment you may have an uphill battle with managing expectations, to wit: email is *not* intended to be instant messaging - and may run up against the brick wall of management not being willing