Re: Rules needed...

2015-06-30 Thread Matus UHLAR - fantomas
On 6/29/2015 10:39 AM, Reindl Harald wrote: tell me one reason why should i waste 1-5 seconds for on some days a million blocked mails while i can get rid of them in ms? On 29.06.15 11:00, Ted Mittelstaedt wrote: Because, it's 1-5 seconds. If it was 1-5 minutes then sure. million times 1-5

Re: Rules needed...

2015-06-29 Thread Ted Mittelstaedt
Of course, Postfix fixes everything from AIDS to global warming, it's the greatest MTA ever invented. eyeroll Exactly the kind of thing I would expect from you. Haven't you worn out that Postfix drum you're banging yet? Ted On 6/27/2015 3:04 AM, Reindl Harald wrote: Am 27.06.2015 um 10:18

Re: Rules needed...

2015-06-29 Thread Charles Sprickman
On Jun 29, 2015, at 12:35 PM, Reindl Harald h.rei...@thelounge.net wrote: Am 29.06.2015 um 18:29 schrieb Ted Mittelstaedt: Of course, Postfix fixes everything from AIDS to global warming, it's the greatest MTA ever invented. eyeroll for other MTA'S score-bayes RBL handling on MTA level

Re: Rules needed...

2015-06-29 Thread Reindl Harald
Am 29.06.2015 um 18:29 schrieb Ted Mittelstaedt: Of course, Postfix fixes everything from AIDS to global warming, it's the greatest MTA ever invented. eyeroll for other MTA'S score-bayes RBL handling on MTA level exists too in form of policy daemons eyeroll Exactly the kind of thing I

Re: Rules needed...

2015-06-29 Thread Reindl Harald
and here you go, so the next time before you answer with foam in front of your mouth and don't get what something like Postscreen means educate yourself! http://blog.schalanda.name/archives/118-Exim-4-and-policyd-weight.html/ Am 29.06.2015 um 18:35 schrieb Reindl Harald: Am 29.06.2015 um

Re: Rules needed...

2015-06-29 Thread David Jones
On Jun 29, 2015, at 12:35 PM, Reindl Harald h.rei...@thelounge.net wrote: Am 29.06.2015 um 18:29 schrieb Ted Mittelstaedt: What other free MTA is there that’s in common use? qmail is dead and buried. Sendmail and Exim are pretty much niche. What exactly is wrong with Postfix? Nothing.

Re: Rules needed...

2015-06-29 Thread Ted Mittelstaedt
The days of squeezing every last CPU cycle out of something are long gone, Reindl. I really appreciate that you're bound and determined to keep that 80486 server running but nobody else is doing it anymore. Why do you think SA is written in Perl? Of all languages!!! Sure, let's pick the

Re: Rules needed...

2015-06-29 Thread Reindl Harald
Am 29.06.2015 um 19:28 schrieb Ted Mittelstaedt: The days of squeezing every last CPU cycle out of something are long gone, Reindl. nonsense I really appreciate that you're bound and determined to keep that 80486 server running but nobody else is doing it anymore. tell me one reason why

Re: Rules needed...

2015-06-29 Thread Ted Mittelstaedt
On 6/29/2015 9:48 AM, Charles Sprickman wrote: On Jun 29, 2015, at 12:35 PM, Reindl Harald h.rei...@thelounge.net wrote: Am 29.06.2015 um 18:29 schrieb Ted Mittelstaedt: Of course, Postfix fixes everything from AIDS to global warming, it's the greatest MTA ever invented. eyeroll for other

Re: Rules needed...

2015-06-29 Thread Reindl Harald
Am 29.06.2015 um 19:34 schrieb Ted Mittelstaedt: My objection isn't to Postfix. My objection is to assuming that Postfix is the one and only way to do something. If you have an idea on how to block spam I'm all ears - until your idea gets positioned as a Postfix-only solution first. If you

Re: Rules needed...

2015-06-29 Thread Ted Mittelstaedt
On 6/29/2015 10:39 AM, Reindl Harald wrote: Am 29.06.2015 um 19:28 schrieb Ted Mittelstaedt: The days of squeezing every last CPU cycle out of something are long gone, Reindl. nonsense I really appreciate that you're bound and determined to keep that 80486 server running but nobody else

Re: Rules needed...

2015-06-29 Thread Reindl Harald
Am 29.06.2015 um 20:00 schrieb Ted Mittelstaedt: I have users who sometimes want to receive mail from a system in an RBL. It's their mailbox, they are paying for it. Why should I not let them do it? these are corporate customers getting mail from other corporate customers who are completely

Re: Rules needed...

2015-06-28 Thread Matus UHLAR - fantomas
On Friday 26 June 2015 17.40.04 Ted Mittelstaedt wrote: But, putting RBL checks into the MTA is the best way I know to piss off your users since tag-and-forward is not an option on MTA rbl checking. That's why we all do our RBL checks in spamassassin. On 27.06.15 10:18, Martin S wrote: Could

Re: Rules needed...

2015-06-27 Thread Martin S
On Friday 26 June 2015 17.40.04 Ted Mittelstaedt wrote: But, putting RBL checks into the MTA is the best way I know to piss off your users since tag-and-forward is not an option on MTA rbl checking. That's why we all do our RBL checks in spamassassin. Could you elaborate on this? I'm new to

Re: Rules needed...

2015-06-27 Thread Reindl Harald
Am 27.06.2015 um 10:18 schrieb Martin S: On Friday 26 June 2015 17.40.04 Ted Mittelstaedt wrote: But, putting RBL checks into the MTA is the best way I know to piss off your users since tag-and-forward is not an option on MTA rbl checking. That's why we all do our RBL checks in spamassassin.

Re: Rules needed...

2015-06-27 Thread Dave Wreski
Hi, blacklist_from *@*.allisonarctictrips.com spf-pass take responselily Yes, after it's received, there are a ton of things that could be done to block it (including my local RBL). I was hoping for something preventative. Eh? I'm afraid I don't get this at all - greylisting and RBL

Rules needed...

2015-06-26 Thread Alex Regan
Hi, I have one system with greylisting enabled and another that hasn't yet been enabled. On the system without it, I'm receiving a ton of random spam that hits bayes99 but pretty much nothing else. http://pastebin.com/FzUkEvRp It all seems to be related to the same botnet because it has

Re: Rules needed...

2015-06-26 Thread Ted Mittelstaedt
Are you running a centralized Bayes with some honeypot addresses feeding it? A search of your messages log should give you plenty of bogus email addresses that the botnet has been probing for on your system. Pick some of the obvious ones and set them up as feeders to Bayes and that should take

Re: Rules needed...

2015-06-26 Thread Benny Pedersen
Alex Regan skrev den 2015-06-26 18:33: http://pastebin.com/FzUkEvRp blacklist_from *@*.allisonarctictrips.com spf-pass take responselily

Re: Rules needed...

2015-06-26 Thread David Jones
From: Benny Pedersen m...@junc.eu Sent: Friday, June 26, 2015 11:45 AM To: users@spamassassin.apache.org Subject: Re: Rules needed... Alex Regan skrev den 2015-06-26 18:33: http://pastebin.com/FzUkEvRp blacklist_from *@*.allisonarctictrips.com spf-pass take responselily That IP is on a ton

Re: Rules needed...

2015-06-26 Thread Bill Cole
On 26 Jun 2015, at 12:33, Alex Regan wrote: Hi, I have one system with greylisting enabled and another that hasn't yet been enabled. On the system without it, I'm receiving a ton of random spam that hits bayes99 but pretty much nothing else. http://pastebin.com/FzUkEvRp It all seems to be

Re: Rules needed...

2015-06-26 Thread Dave Wreski
On 06/26/2015 12:45 PM, Benny Pedersen wrote: Alex Regan skrev den 2015-06-26 18:33: http://pastebin.com/FzUkEvRp blacklist_from *@*.allisonarctictrips.com spf-pass take responselily Yes, after it's received, there are a ton of things that could be done to block it (including my local

Re: Rules needed...

2015-06-26 Thread Benny Pedersen
On June 26, 2015 8:00:22 PM Dave Wreski dwre...@guardiandigital.com wrote: On 06/26/2015 12:45 PM, Benny Pedersen wrote: Alex Regan skrev den 2015-06-26 18:33: http://pastebin.com/FzUkEvRp blacklist_from *@*.allisonarctictrips.com spf-pass take responselily Yes, after it's received,

Re: Rules needed...

2015-06-26 Thread Ted Mittelstaedt
On 6/26/2015 10:53 AM, Dave Wreski wrote: On 06/26/2015 12:45 PM, Benny Pedersen wrote: Alex Regan skrev den 2015-06-26 18:33: http://pastebin.com/FzUkEvRp blacklist_from *@*.allisonarctictrips.com spf-pass take responselily Yes, after it's received, there are a ton of things that

Re: Rules Needed to verify bank fraud

2012-08-24 Thread Matt Garretson
In my experience, banks and financial institutions tend to be among the worst offenders against sane bulk mailing practices. SPF or DKIM will be broken or inconsistently applied, and sender/relay domains seem to vary with the weather. I think it will be tough to nail down all the valid domains a

Re: Rules Needed to verify bank fraud

2012-08-24 Thread Alexandre Boyer
Yep, you are damn right. I work in a company where I maintain a list for Canadian banks and more. It's a pain, but it's effective. Should a few responsible of us contribute, it would greatly help. Alex, from osmose. Bow before me, for I am root. On 12-08-24 02:03 PM, Matt Garretson wrote: In

Re: Rules Needed to verify bank fraud

2012-08-23 Thread RW
On Thu, 23 Aug 2012 01:33:56 +0100 Ned Slider wrote: # Fedex header __LOCAL_FROM_FEDEX Return-Path:addr =~ /\@fedex\.com$/i meta LOCAL_SPF_FEDEX ((SPF_SOFTFAIL || SPF_FAIL) && __LOCAL_FROM_FEDEX) describe LOCAL_SPF_FEDEX Fedex SPF Fail and if I want to

Re: Rules Needed to verify bank fraud

2012-08-23 Thread Kevin A. McGrail
Well I can help with a plugin to automate things but I can only automate something once it is done a few times. Have you written the rules you think will help for say two of the domains? Have you collected example ham and spam? You have a good idea but without specifics, I don't know the

Re: Rules Needed to verify bank fraud

2012-08-23 Thread Ned Slider
On 23/08/12 04:31, Kevin A. McGrail wrote: On 8/22/2012 8:33 PM, Ned Slider wrote: So if I hit all mail claiming to be sent from fedex.com that fails SPF I can easily weed out all the fakes: # Fedex header __LOCAL_FROM_FEDEX Return-Path:addr =~ /\@fedex\.com$/i meta LOCAL_SPF_FEDEX

Re: Rules Needed to verify bank fraud

2012-08-23 Thread Ned Slider
On 23/08/12 12:08, RW wrote: On Thu, 23 Aug 2012 01:33:56 +0100 Ned Slider wrote: # Fedex header __LOCAL_FROM_FEDEX Return-Path:addr =~ /\@fedex\.com$/i meta LOCAL_SPF_FEDEX ((SPF_SOFTFAIL || SPF_FAIL) && __LOCAL_FROM_FEDEX) describe LOCAL_SPF_FEDEX Fedex SPF Fail and if

Re: Rules Needed to verify bank fraud

2012-08-23 Thread Kevin A. McGrail
I think the idea has merit. Can you open a bug in bugzilla, please? My goals are to get some more polish on masscheck and put out a 3.4.0 rc1 and deal with the 3.4.X infrastructure changes. After that I'll offer to work with you on this if no one steps up by then. regards, KAM

Re: Rules Needed to verify bank fraud

2012-08-23 Thread Mark Martinec
I guess what we are looking for is a plugin that can take a list of commonly abused domains known to have valid SPF records or valid DKIM signatures, and to be able to apply a (stronger) score to those messages that fail the SPF and/or DKIM test. Several common domains that do provide a

Re: Rules Needed to verify bank fraud

2012-08-23 Thread Marc Perkel
Let's take wellsfargo.com (Wells Fargo Bank) as an example. If the FCrDNS of the connecting server is *.wellsfargo.com it is ham. If wellsfargo.com is in the received lines and not forged it is ham. If wellsfargo.com is in the received headers and it is forged it is spam. If wellsfargo.com is in

Re: Rules Needed to verify bank fraud

2012-08-23 Thread Ned Slider
On 23/08/12 18:18, Marc Perkel wrote: Let's take wellsfargo.com (Wells Fargo Bank) as an example. If the FCrDNS of the connecting server is *.wellsfargo.com it is ham. If wellsfargo.com is in the received lines and not forged it is ham. If wellsfargo.com is in the received headers and it is

Re: Rules Needed to verify bank fraud

2012-08-23 Thread Jason Haar
Great idea - but don't under-estimate the amount of work. Someone thought there'd be only 20-30 domains to be covered - but I'd say that's actually 20-30 domains PER COUNTRY. Here in New Zealand we get a lot of phishing attacks using New Zealand banks - just like you get spam referring to your

Re: Rules Needed to verify bank fraud

2012-08-23 Thread Alexandre Boyer
That's my opinion too. Therefore the community will have to contribute to the list of which domain to add or not. Alex, from osmose. Bow before me, for I am root. On 12-08-23 07:20 PM, Jason Haar wrote: Great idea - but don't under-estimate the amount of work. Someone thought there'd be only

Rules Needed to verify bank fraud

2012-08-22 Thread Marc Perkel
I'd like to make a suggestion as to how to block a lot of fraud. This would involve making a list of domains similar to the successful freemail list plugin. The idea is to block email that spoofs major institutions such as banks, credit cards, ebay, and other organizations that want to try to

Re: Rules Needed to verify bank fraud

2012-08-22 Thread Ned Slider
On 22/08/12 16:22, Marc Perkel wrote: I'd like to make a suggestion as to how to block a lot of fraud. This would involve making a list of domains similar to the successful freemail list plugin. The idea is to block email that spoofs major institutions such as banks, credit cards, ebay, and

Re: Rules Needed to verify bank fraud

2012-08-22 Thread RW
On Wed, 22 Aug 2012 17:40:23 +0100 Ned Slider wrote: On 22/08/12 16:22, Marc Perkel wrote: I'd like to make a suggestion as to how to block a lot of fraud. This would involve making a list of domains similar to the successful freemail list plugin. The idea is to block email that spoofs

Re: Rules Needed to verify bank fraud

2012-08-22 Thread Greg Troxel
RW rwmailli...@googlemail.com writes: My bank outsources its email to an email marketing company. I think this sort of thing is quite common. The received header has nothing to do with the bank. It passes spf, but the domain is not one it uses for anything else. I think the point is

Re: Rules Needed to verify bank fraud

2012-08-22 Thread Ned Slider
On 23/08/12 00:07, RW wrote: On Wed, 22 Aug 2012 17:40:23 +0100 Ned Slider wrote: On 22/08/12 16:22, Marc Perkel wrote: I'd like to make a suggestion as to how to block a lot of fraud. This would involve making a list of domains similar to the successful freemail list plugin. The idea is to

Re: Rules Needed to verify bank fraud

2012-08-22 Thread John Hardin
On Thu, 23 Aug 2012, Ned Slider wrote: So if I hit all mail claiming to be sent from fedex.com that fails SPF I can easily weed out all the fakes: # Fedex header __LOCAL_FROM_FEDEX Return-Path:addr =~ /\@fedex\.com$/i meta LOCAL_SPF_FEDEX ((SPF_SOFTFAIL ||

Re: Rules Needed to verify bank fraud

2012-08-22 Thread Kevin A. McGrail
On 8/22/2012 8:33 PM, Ned Slider wrote: So if I hit all mail claiming to be sent from fedex.com that fails SPF I can easily weed out all the fakes: # Fedex header __LOCAL_FROM_FEDEX Return-Path:addr =~ /\@fedex\.com$/i meta LOCAL_SPF_FEDEX ((SPF_SOFTFAIL || SPF_FAIL)

Re: Rules Needed to verify bank fraud

2012-08-22 Thread Marc Perkel
On 8/22/2012 8:31 PM, Kevin A. McGrail wrote: On 8/22/2012 8:33 PM, Ned Slider wrote: So if I hit all mail claiming to be sent from fedex.com that fails SPF I can easily weed out all the fakes: # Fedex header __LOCAL_FROM_FEDEX Return-Path:addr =~ /\@fedex\.com$/i meta