Re: Lots of Polish spam

2015-02-24 Thread Marcin Mirosław
On 2015-02-24 at 19:22, Yves Goergen wrote: On 24.02.2015 at 19:00, Jeremy McSpadden wrote: You're better off to implement RBL at SMTP time, not SA. IMO Which MTA are you using ? Exim. But why should I do that? See my other message in this thread. RBLs make mistakes. But then, only one of

Re: Lots of Polish spam

2015-02-24 Thread Axb
On 02/24/2015 09:28 PM, Yves Goergen wrote: On 24.02.2015 at 19:56, Axb wrote: - Please post missed spam samples in pastebin.com - do not post samples to mailing lists It's too many to process them individually in pastebin. Here's an archive with ~60 messages in files:

Re: Lots of Polish spam

2015-02-24 Thread Axb
On 02/24/2015 10:32 PM, Kris Deugau wrote: Yves Goergen wrote: Hello, for a few months I'm getting lots of Polish spam to one of my e-mail addresses, sometimes a dozen per day. I have no idea what it's telling me, I don't understand a single word. I just recognise characteristic characters to

Re: Lots of Polish spam

2015-02-24 Thread Kris Deugau
Yves Goergen wrote: Hello, for a few months I'm getting lots of Polish spam to one of my e-mail addresses, sometimes a dozen per day. I have no idea what it's telling me, I don't understand a single word. I just recognise characteristic characters to know the language. Some messages have a

Re: Lots of Polish spam

2015-02-24 Thread Yves Goergen
On 24.02.2015 at 19:56, Axb wrote: - Please post missed spam samples in pastebin.com - do not post samples to mailing lists It's too many to process them individually in pastebin. Here's an archive with ~60 messages in files:

Re: Lots of Polish spam

2015-02-24 Thread Alex Regan
Hi, for a few months I'm getting lots of Polish spam to one of my e-mail addresses, sometimes a dozen per day. I have no idea what it's telling me, I don't understand a single word. I just recognise characteristic characters to know the language. Some messages have a .pl domain as sender

Re: babes eval error

2015-02-24 Thread RW
On Tue, 24 Feb 2015 07:13:20 -0700 @lbutlr wrote: On Feb 24, 2015, at 6:44 AM, RW rwmailli...@googlemail.com wrote: On Sun, 22 Feb 2015 07:49:49 -0700 @lbutlr wrote: plugin: eval failed: bayes: (in learn) locker: safe_lock: cannot create lockfile

Re: babes eval error

2015-02-24 Thread @lbutlr
On Feb 24, 2015, at 6:44 AM, RW rwmailli...@googlemail.com wrote: On Sun, 22 Feb 2015 07:49:49 -0700 @lbutlr wrote: plugin: eval failed: bayes: (in learn) locker: safe_lock: cannot create lockfile /home/kreme/.spamassassin/bayes.mutex: Permission denied (And yes, that is correct, the

Re: babes eval error

2015-02-24 Thread RW
On Sun, 22 Feb 2015 07:49:49 -0700 @lbutlr wrote: plugin: eval failed: bayes: (in learn) locker: safe_lock: cannot create lockfile /home/kreme/.spamassassin/bayes.mutex: Permission denied (And yes, that is correct, the spamassassin files in user's home are not world read/writ). Normally

Re: updated RegistrarBoundaries.pm

2015-02-24 Thread John Hardin
On Tue, 24 Feb 2015, Matteo Dessalvi wrote: Hello. Sorry Axb, I don't want to be pedant but the latest 'svn export' you have suggested gave me an error: svn: Repository moved permanently to (other location). Indeed, if I try: svn export

Re: updated RegistrarBoundaries.pm

2015-02-24 Thread Matteo Dessalvi
Hello. Sorry Axb, I don't want to be pedant but the latest 'svn export' you have suggested gave me an error: svn: Repository moved permanently to (other location). Indeed, if I try: svn export

Re: Lots of Polish spam

2015-02-24 Thread John Hardin
On Tue, 24 Feb 2015, Yves Goergen wrote: for a few months I'm getting lots of Polish spam to one of my e-mail addresses, sometimes a dozen per day. I have no idea what it's telling me, I don't understand a single word. SpamAssassin doesn't seem to be too successful in filtering them out.

Re: Lots of Polish spam

2015-02-24 Thread Axb
On 02/24/2015 06:35 PM, Yves Goergen wrote: Hello, for a few months I'm getting lots of Polish spam to one of my e-mail addresses, sometimes a dozen per day. I have no idea what it's telling me, I don't understand a single word. I just recognise characteristic characters to know the language.

Lots of Polish spam

2015-02-24 Thread Yves Goergen
Hello, for a few months I'm getting lots of Polish spam to one of my e-mail addresses, sometimes a dozen per day. I have no idea what it's telling me, I don't understand a single word. I just recognise characteristic characters to know the language. Some messages have a .pl domain as sender

Re: Lots of Polish spam

2015-02-24 Thread Jeremy McSpadden
Usually scores are 6 low 10 high. Are you running any RBLs ? -- Jeremy McSpadden Flux Labs | http://www.fluxlabs.net/ | Endless Solutions Office : 850-250-5590x501 | Cell : 850-890-2543 | Fax : 850-254-2955 On Feb 24,

Re: Lots of Polish spam

2015-02-24 Thread Yves Goergen
On 24.02.2015 at 18:39, Jeremy McSpadden wrote: Usually scores are 6 low 10 high. Are you running any RBLs ? I have the default settings plus the attached custom configuration. There are several RBLs among them. -- Yves Goergen http://unclassified.software # BAYES

Re: Lots of Polish spam

2015-02-24 Thread Reindl Harald
On 24.02.2015 at 18:58, Yves Goergen wrote: On 24.02.2015 at 18:39, Jeremy McSpadden wrote: Usually scores are 6 low 10 high. Are you running any RBLs ? I have the default settings plus the attached custom configuration. There are several RBLs among them RBL's long before the

Re: Lots of Polish spam

2015-02-24 Thread Yves Goergen
On 24.02.2015 at 19:00, Jeremy McSpadden wrote: You're better off to implement RBL at SMTP time, not SA. IMO Which MTA are you using ? Exim. But why should I do that? See my other message in this thread. RBLs make mistakes. But then, only one of them makes the mistake, not all. Are RBLs the

Re: Lots of Polish spam

2015-02-24 Thread Reindl Harald
On 24.02.2015 at 19:15, Yves Goergen wrote: On 24.02.2015 at 19:02, Reindl Harald wrote: RBL's long before the contentfilter! Do you mean to reject messages as soon as a single RBL triggers it? That's definitely not what I want to do! I've had way too much trouble with others doing that.

Re: Lots of Polish spam

2015-02-24 Thread Yves Goergen
On 24.02.2015 at 19:02, Reindl Harald wrote: RBL's long before the contentfilter! Do you mean to reject messages as soon as a single RBL triggers it? That's definitely not what I want to do! I've had way too much trouble with others doing that. RBLs get points and the score decides. Never

Re: Lots of Polish spam

2015-02-24 Thread Marcin Mirosław
On 2015-02-24 at 19:56, Axb wrote: [...] - Please post missed spam samples in pastebin.com - do not post samples to mailing lists Yes, please share it, I'll take a look what kind of spam it is.

Re: Lots of Polish spam

2015-02-24 Thread Yves Goergen
On 24.02.2015 at 22:00, Axb wrote: On 02/24/2015 09:28 PM, Yves Goergen wrote: https://drive.google.com/file/d/0B8CN0ghdY1SdSzBqdkswRUdOb0U/view ZIP password: spam (Google thinks there's a virus in it so I needed to encrypt it.) didn't need a password to extract but... whatever format those

Re: Lots of Polish spam

2015-02-24 Thread Reindl Harald
On 24.02.2015 at 22:49, Alex Regan wrote: for a few months I'm getting lots of Polish spam to one of my e-mail addresses, sometimes a dozen per day. I have no idea what it's telling me, I don't understand a single word. I just recognise characteristic characters to know the language. Some

Re: Lots of Polish spam

2015-02-24 Thread Tom Hendrikx
On 24-02-15 22:56, Yves Goergen wrote: On 24.02.2015 at 22:00, Axb wrote: On 02/24/2015 09:28 PM, Yves Goergen wrote: https://drive.google.com/file/d/0B8CN0ghdY1SdSzBqdkswRUdOb0U/view ZIP password: spam (Google thinks there's a virus in it

Re: Lots of Polish spam

2015-02-24 Thread John Hardin
On Tue, 24 Feb 2015, Alex Regan wrote: Does anyone know/think it would be a good idea to add .pdf.zip to the mime types reject list? Has anyone seen a real example that wasn't a virus? Pretty much *any* double-extension filename is suspect. -- John Hardin KA7OHZ

Re: Lots of Polish spam

2015-02-24 Thread RW
On Tue, 24 Feb 2015 22:56:08 +0100 Yves Goergen wrote: On 24.02.2015 at 22:00, Axb wrote: I'd definitely suggest you enable the Spamhaus SURBL rules. They have strange TOS that actually forbid using them for more than a single mailbox. Otherwise you need to pay for it. That's not

Re: Lots of Polish spam

2015-02-24 Thread Alex Regan
Hi, On 02/24/2015 07:06 PM, Reindl Harald wrote: On 25.02.2015 at 00:56, Alex Regan wrote: Sophos reports it as Troj/Tinba-O, like most others on virustotal.com ClamAV does not detect anything suspicious. I really thought clamav was much better. Can you recommend an antivirus other than

Re: Lots of Polish spam

2015-02-24 Thread Reindl Harald
On 24.02.2015 at 22:56, Yves Goergen wrote: Last but not least, get your Bayes setup running and it will give you the extra edge. I once had Bayes enabled, but since it's an unattended server system, it can only learn from itself. And that had worked really bad in the past. So I disabled it

Re: Lots of Polish spam

2015-02-24 Thread Reindl Harald
On 24.02.2015 at 23:18, John Hardin wrote: On Tue, 24 Feb 2015, Alex Regan wrote: Does anyone know/think it would be a good idea to add .pdf.zip to the mime types reject list? Has anyone seen a real example that wasn't a virus? Pretty much *any* double-extension filename is suspect on

Re: Lots of Polish spam

2015-02-24 Thread LuKreme
On Feb 24, 2015, at 15:24, Axb axb.li...@gmail.com wrote: *.pdf.zip is a dangerous one to block on sight - FP risk is huge Really? I've never seen a .pdf.zip that was legitimate.

Re: Lots of Polish spam

2015-02-24 Thread Benny Pedersen
On February 24, 2015 11:06:31 PM Yves Goergen nospam.l...@unclassified.de wrote: From the description, they only block by file name pattern. I can't block all archives with executable files in them. People need to send those files from time to time. And they know that a plain attached .exe

Re: Lots of Polish spam

2015-02-24 Thread Mark Martinec
Axb wrote: didn't need a password to extract but... whatever format those .eml are in, none of text editors was able to handle them so that didn't help. $ mkdir Spam; cd Spam $ 7z e -pspam ../Spam.zip Sophos reports it as Troj/Tinba-O, like most others on virustotal.com ClamAV does not

Re: Lots of Polish spam

2015-02-24 Thread Alex Regan
Hi, Sophos reports it as Troj/Tinba-O, like most others on virustotal.com ClamAV does not detect anything suspicious. I really thought clamav was much better. Can you recommend an antivirus other than Sophos that works well with Linux/Fedora? Sophos is a no-go with Fedora, apparently.

Re: Lots of Polish spam

2015-02-24 Thread Reindl Harald
On 25.02.2015 at 00:56, Alex Regan wrote: Sophos reports it as Troj/Tinba-O, like most others on virustotal.com ClamAV does not detect anything suspicious. I really thought clamav was much better. Can you recommend an antivirus other than Sophos that works well with Linux/Fedora? Sophos is a

Re: Lots of Polish spam

2015-02-24 Thread Yves Goergen
On 24.02.2015 at 22:42, Axb wrote: On 02/24/2015 10:32 PM, Kris Deugau wrote: These are almost certainly viruses. Upload one or two of the .zip files to virustotal.com to check against a long list of AV scanners. Didn't check it. Avira AntiVir (my desktop scanner) didn't notice any of

Re: Lots of Polish spam

2015-02-24 Thread Reindl Harald
On 24.02.2015 at 23:39, LuKreme wrote: On Feb 24, 2015, at 15:24, Axb axb.li...@gmail.com wrote: *.pdf.zip is a dangerous one to block on sight - FP risk is huge Really? I've never seen a .pdf.zip that was legitimate and i sent hundreds which were by just right click on the pdf and chose

Re: Lots of Polish spam

2015-02-24 Thread Axb
On 02/24/2015 11:39 PM, LuKreme wrote: On Feb 24, 2015, at 15:24, Axb axb.li...@gmail.com wrote: *.pdf.zip is a dangerous one to block on sight - FP risk is huge Really? I've never seen a .pdf.zip that was legitimate. KDE: right click on a blah.pdf compress as Zip Archive and bang:

Re: Lots of Polish spam

2015-02-24 Thread Benny Pedersen
On February 24, 2015 11:57:23 PM Axb axb.li...@gmail.com wrote: I can imagine other Linux Desktops doing the same. Dunno about Windows or Apple users is not asked for a filename, since the default seems fine :)

Re: Lots of Polish spam

2015-02-24 Thread Marcin Mirosław
On 2015-02-24 at 21:28, Yves Goergen wrote: On 24.02.2015 at 19:56, Axb wrote: - Please post missed spam samples in pastebin.com - do not post samples to mailing lists It's too many to process them individually in pastebin. Here's an archive with ~60 messages in files:

Re: Lots of Polish spam

2015-02-24 Thread Axb
On 02/24/2015 11:18 PM, John Hardin wrote: On Tue, 24 Feb 2015, Alex Regan wrote: Does anyone know/think it would be a good idea to add .pdf.zip to the mime types reject list? Has anyone seen a real example that wasn't a virus? Pretty much *any* double-extension filename is suspect.

Re: Lots of Polish spam

2015-02-24 Thread Reindl Harald
On 24.02.2015 at 23:06, Yves Goergen wrote: On 24.02.2015 at 22:42, Axb wrote: ClamAV has become a framework... and atm, you can open a bottle of bubbly if the official sigs actually detect anything. Oh great. Now that I've finally set up ClamAV on the server, it's useless? At least it