Operators of newsgroups which mirror/archive mailing
lists, and allow posting from a web interface, are adding forged
Received: headers before sending an email to the respective list
server.
In what way are they forged? Do they contain addresses that doesn't match the
system adding the
.
http://wiki2.dovecot.org/Plugins/Antispam
http://johannes.sipsolutions.net/Projects/dovecot-antispam
Regards
/Jonas
--
Jonas Eckerman
http://www.truls.org/
, and by cron put some
script which re-learn from folder spam|nospam on domains.
How do you think it will work? Or may be some better idea?
I've done something similar myself. How good it works depends a lot on
your users.
/Jonas
--
Jonas Eckerman
http://www.truls.org/
a lot better than individual databases.
How much does the mail streams for the domains have in common? If they
have a lot in common it makes sense to have a common bayes database for
them. Otherwise separate databases for each domain migh be better.
Regards
/Jonas
--
Jonas Eckerman
http
and AWL are
supposed to be able to give different scores to the same mail in
different mail streams.
It is of course possible that there are other differences in scores as
well if the two passes were run with different local score settings.
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges
name, like they
did with Firefox / Iceweasel etc.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
list he's hosting a while back. I'm
attaching that message to this one.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
---BeginMessage---
I don't know if it will be useful but I made a short URL
and it's available at
http://whatever.frukt.org/spamassassin.text.shtml
It can use Marc's DNS based URL shortener list.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
that against or logs. It
would nice to have windows desktops greylisted while still beeing able
to exempt windows mail and groupware systems.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
to greylisting indicates
that it's impact is not (so far) big enough to care about.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
On 2010-03-30 13:31, Kai Schaetzl wrote:
Jonas Eckerman wrote on Tue, 30 Mar 2010 00:41:01 +0200:
Unless the greylisting is done *after* receiving the body. Of course,
this will spank innocent senders as well.
Ooops? It spanks *yourself*.
Not really. It does force us to accept the mail
because it stops a lot of spam, I've never
seen any data substantiating claims that it has a measurable negative
impact on botnets. So I'm not convinced it really does a lot of spanking
of offenders...
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org
and/or extensions and adding rules to catch them will be trivial.
That's what I thought when I wrote it. :-)
At that time I wanted to catch some stuff that where a RAR atchment had
a ZIP MIME type (or maybe it was the other way round).
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet
database
contains info for SVG and BMP (it should) it can check for those mismatches.
It's named MimeMagic and is available at
http://whatever.frukt.org/spamassassin.text.shtml
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http
. It probably should be able to
add text/html as html, so that a HTML stripping extractor plugin would
be redundant. I'll look into this. Can't be sure when I have the time
though.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http
for our our HEAD requests.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
.
If there is to be a policy record, maybe that should be a TXT record,
but I too like the A record for the actual MTX lookup.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
On 2010-02-14 19:20, dar...@chaosreigns.com wrote:
On 02/14, Jonas Eckerman wrote:
The SPF record above says that a host using panic.chaosreigns.com
in HELO should not be allowed to send mail unless it has the IP
address 64.71.152.40, regardless of the domain in the envelope
from, From
On 2010-02-14 19:20, dar...@chaosreigns.com wrote:
On 02/14, Jonas Eckerman wrote:
* I think there should be a way to tell the world wether you are using
the scheme for a domain (not host) or not. This could easily be done in
DNS.
I need to think about this more, thanks for the suggestion
On 2010-02-15 15:04, Charles Gregory wrote:
On Sun, 14 Feb 2010, Jonas Eckerman wrote:
1: The participation record is optional, so you only use it if you
want everything else to be rejected.
This is why I would support mtamark... It permits the sysadmin to
determine the default behaviour
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
documentation.)
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
used
in MAIL FROM.
(It's not that use of SPF that breaks (borken) forwarding, it's the
limits connected to the domain used in MAIL FROM.)
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
. Either a TXT record or a bitmaped A record for
example. Call it _policy._mtx.*.
More on the other very valid concerns later about this...
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
might be even better.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
1. It shows up as internal mail so gets -6 points or so from the
auto-whitelist thus giving it a decent chance of getting through.
If it shows up as internal mail even though its external something is
wrong.
The AWL takes both the renders email address and the sending systems
IP-address
simpler using UDP instead.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
to approved IP addresses.)
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
Jonas Eckerman wrote:
At the time I mentioned that I planned to add support for
that list in my URLRedirect plugin.
That support is there, and it seems to be working.
Of course I forgot to include where the module can be found...
It's available at
http://whatever.frukt.org
the
reputation of their main brand as well.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
DNSBLs.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
on each redirection service.
Since my plugin adds redirect targets to the message metadata that check
could be done with a normal URL rule.
(It might be useful if the plugin flags redirections that redirects to
the same domain.)
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges
an open mechanism to redirect a
web browser to another website, ie, by adding a
url=http://anotherwebsite in the URL.
---8---
I would not consider open redirector of that type to be the same thing
as a URL shortener service (especially not a well run service).
/Jonas
--
Jonas Eckerman
that other checks (URIBL for example) sees it.
Using a DNS based well kept after list of redirectors could make that
plugin much more useful than it is currently.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http
it as well. I'll
post here when/if I implement it in URLRedirect.pm.
For more info on URLRedirect.pm check at
http://whatever.frukt.org/spamassassin.text.shtml
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
to
bayes and rules. It comes with a config that uses antiword to do this.
It's available at
http://whatever.frukt.org/spamassassin.text.shtml#ExtractText.pm
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http
wiki page, and is available at
http://whatever.frukt.org/spamassassin.text.shtml.
It comes with a config for extracting text from Word, OpenXML, RTF, ODF
and PDF files.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http
is (as mentioned above)
something I want to do. Since I don't do any OCR at all here, that's a
pretty low priority though (unless people start asking for it more).
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
before.
I don't know if DCC cares about the subject att all. If it doesn't, it's
even more liekey that it would hit on an empty test message.
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
/spamassassin.text.shtml
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
.
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
, and then update it if/when
Mail::SpamAssassin::Message::Node is updated to support this in a nice
way. :-)
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
mirrored to
http://mmm.truls.org/m/ExtractText.zip.)
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
as for
any other scoring rules in SA.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
SpamAssassin.
but at some sites both .pm .cf fiels
are available can some one please guide me wht to do with .pm files
how to install them or make them work for me.
Read about loadplugin in the above mentioned documentation.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
available at
http://whatever.frukt.org/spamassassin.text.shtml
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
to flag a message.
I'm cynical. The only logical
reason I can see for anything of this nature is money changing hands.
That's not beeing cynical. It's beeing unbelievably unimaginative.
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org
URIDNSBL
checks for is to save resources by not checking domains that won't be
hit anyway, then the whole list should probably be regularly checked by
a script that simply flags any domains present on URIDNSBLs for review
(or possibly just comment them out of the list).
/Jonas
--
Jonas Eckerman
?
How I am to know that when you wrote SpamAssassin effectively white
listing spammers you did not in fact imply that SpamAssassin is
whitelisting spammers?
If you think I'm silly for believing that you mean what you write, then
please keep considering me silly.
/Jonas
--
Jonas Eckerman
Benny Pedersen wrote:
http://whatever.frukt.org/graphdefang/ExtractText.zip).
I've now mirrored the file as
http://mmm.truls.org/m/ExtractText.zip
I hope that will work better.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http
Jonas Eckerman wrote:
For anyone who likes to test stuff, I've uploaded my plugin that
extracts text from documents to
http://whatever.frukt.org/graphdefang/ExtractText.zip
In case any of you have problems downloading the file, it's now mirrored as
http://mmm.truls.org/m/ExtractText.zip
.
only problem i had was that unrtf nedd to have ${file} in the example cf to
work all else works
Odd. I don't need ${file} for unrtf here.
I'm using unrtf 0.21.0. Are you using an older version?
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org
to control the tmp file path, i cant find where
this is made
I'm using Mail::SpamAssassin::Util::secure_tmpfile, so it's SA that
controls the path to the temp files. I don't know if you can set that in
SAs config or not.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http
need something that will run on Solaris.
I've no idea wether it compiles on Solaris or not, but since I installed
it from ports on FreeBSD I do know that it compiles on at least one Unix
like OS and doesn't require Windows.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges
) in my ExtractText plugin.
(For more info about the plugin, see my post with subject ExtractText
plugin, or download it from
http://whatever.frukt.org/graphdefang/ExtractText.zip).
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
directly, but MIMEDefang can use the results from SA to add headers.
OTOH, if one is using MIMEDefang, then one would most likely use
MIMEDefang to strip attachment rather than a compbination of SA and
maildrop.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http
, it shouldn't be hard to extract PDF's too :)
This I don't understand. Do they put PDFs inside .doc files as if the
..doc was an archive?
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
Jonas Eckerman wrote:
You meen extract images and add them as parts to the message?
I guess that should be doable. I know that unrtf can extract images
from RTF files. I'll probably implement support for this, but I'll
probably not implement actually doing it right away.
This'll probably
in the word document. Antiword only extracts text, and my extractor for
OpenXML is little more than an extremely basic XML remover.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
. In that case I hope to be verbosely corrected. :-)
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
, but not of the plugins.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
happy just extracting
text. :-) And it does extract text (currently from Word, OpenXML,
OpenDocument and RTF documents). :-)
I actually hadn't even thought about this image/OCR etc stuff before
Matus suggested it.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http
set_rendered method as in the example, so it should work. ;-)
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
-To:Content-Type:Content-Transfer-Encoding;
As long as mailman (or anything else) doesn't change that data, the DKIM
signature will still be valid and verifiable, wich it is here.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
/
Examples 2, third party plugins at:
http://wiki.apache.org/spamassassin/CustomPlugins
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
. Currently it uses a parsed_metadata at
priority -1 in order to add it's own meta-data. Maybe this isn't the
right way to do this.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
executable if it had a .doc or .xls extension when the user
double-clicked it.)
For the current image spam it's overkill, but it did hit when I ran
checked OPs example message here.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org
that existing URI checkers sees them).
The WebRedirect plugin provides an eval test to check the status code
for queried links.
My plugin doesn't.
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
consider it
experimental since I haven't done enough evaluation of it's results.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
to FileType than the current name: MimeMagic.
Anyway, it can be found at
http://whatever.frukt.org/spamassassin.text.shtml
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
as well.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
:
man sa-learn
man spamc
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
telling their headers are in practice.)
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
part two is needed.
Part Two: Fix the sending systems so that they do not use an
inappropriately low timeout after data end (CRLF.CRLF). There's a
reason why it SHOULD be 10 minutes.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
by others as
well in january or february IIRC.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
score is so much lower than the previous score,
while still beeing very high, could be an indication of this.
Of course, since we don't know what rules actually hit the message, this
is just a guess.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org
and server IP.
Our users (me included) understandably wanted mail on laptops to be easier.
The possibility of using SPF and DKIM were just bonuses.
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
Matus UHLAR - fantomas uh...@fantomas.sk 5.5.'09, 8:55:
Strictly speaking, getting them to use it consistently and properly will
be MORE difficult,
more difficult than what?
I parsed it as him stating that getting users to use his proposed PSPF will be
more difficult than getting them
of ideas about possible
future extensions to SPF, DKIM or whatever except as to how those ideas
might have a direct impact on the usage or development of SpamAssassin.
I can't speak for others, but this is one reason why I haven't given my
opinions about your proposed PSPF.
Regards
/Jonas
--
Jonas
'position' as us, who
would also benefit from this 'next level' of SPF verification...
- Charles
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
, the AWL entry should use
my IP address not a random gmail server.
Considering that lots of people have dynamic routable addresses, this
seems like a bad idea for a big group of people not using WebMail.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org
Linda Walsh skrev:
Yeah -- then this refers back to the bug about there being no way to prune
that file -- it just slowly grows and needs to be read in when spamd
starts(?)
No.
The AWL is stored in a database, and spamd does not read the whole
database into memory. It just looks up and
currently got a fever and therefore may be
tricked by a non optimally working brain into writing things thar
simply aren't correct...)
Regards
/Jonas
--
Jonas Eckerman, FSDB Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/
connection.
From the abstract it's possible that it does so at a firewall
level rather than as an MTA, though it might also describe a more
common SMTP proxy.
/J
--
Jonas Eckerman, FSDB Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/
quarantine at 18 points. So Nigerian scams get at
least 9 points here.
So most nigerian mail are either stopped by our greylist or get
18 points or more, and virtually none get lower than 9 points here.
Regards
/Jonas
--
Jonas Eckerman, FSDB Fruktträdet
http://whatever.frukt.org/
http
fraud (Nigerian 419)
/Jonas
--
Jonas Eckerman, FSDB Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/
the users preferences from
file (when the file has been modified) and updates the SQL database.
Regards
/Jonas
--
Jonas Eckerman, FSDB Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/
to be avoided. (Maybe there's more than those that should
be moved from ~/.spamassassin though).
/Jonas
--
Jonas Eckerman, FSDB Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/
have no
way of knowing when or if that might be.
Regards
/Jonas
--
Jonas Eckerman, FSDB Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/
) to a whole bunch of people for
suggestions and/or changes. Presumably at least some of those
suggestions and/or changes did have some kind of effect on the
plugin.
/Jonas
--
Jonas Eckerman, FSDB Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/
with the IP address allows you to match
patterns that might otherwise lead to FPs.)
Regards
/Jonas
--
Jonas Eckerman, FSDB Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/
(with an extra +1 if p0f says it's a Windows system).
Regards
/Jonas
--
Jonas Eckerman, FSDB Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/
in it, please tell me and
the list about it.
Regards
/Jonas
--
Jonas Eckerman, FSDB
http://www.fsdb.org/
--- Botnet.pm Thu Jan 15 21:35:42 2009
+++ Botnet.pm.new Thu Jan 15 21:36:25 2009
@@ -721,8 +721,16 @@
dnsrch=0,
defnames=0,
);
- if ($query
--
Jonas Eckerman, FSDB Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/
1 - 100 of 221 matches
Mail list logo
