Re: contact from blacklist

2020-11-24 Thread RW 
On Mon, 23 Nov 2020 08:27:23 +0100
Benoît Panizzon wrote:

> Hi Philipp
> 
> We see them a lot lately. This are all forms which pass on some sort
> of user content back to the alleged subscriber during the subscription
> process.
> 
> So if you can pass a 'firstname' (or any other data) during
> subscription, and the form which requests a confirmation for this
> subscription includes that data like:
> ---
> Hello 'firstname' thank you for subscribing, please confirm by
> clicking the link below.
> ---
> 
> Now of course the attacker might enter the string
> 
> 'buy cheap RX drugs: https://bit.bly/vl4gr4-4-ch34p'
> 
> as firstname and successfully spam this way.

A lot of confirmation emails display first and last name. Most of those
I saw ended up looking something like this:

Hello Constance wants to see you in 12 hours 
https://www.swatchpop.com/link?url=https://nfr-52.webself.net  k7,

I'm guessing that k7 here would be what the spammer's script entered as
"last name", it's just something unobtrusive. I found this useful because
it was a fixed pattern, always 2 alphanumeric characters.

Re: adding AV scanning to working Postfix/SA system

2020-11-24 Thread Joe Acquisto-j4 
>> 
> On 11/24/20 12:40 PM, Axb wrote:
>> Fuglu supports Sophos AV
>> See fuglu.org
> 
> Sophos recently discontinued their support for SAVI on Linux. They now 
> only support "Server Central Intercept X Advanced" which is an entirely 
> different product.
> 
> I would also be interested in newer/supported AV alternatives.
> 
> Regards,
> Dave
> 

Well, that's a fine how do ya do.  Eh, this was more an "exercise" project 
anyway. I suppose almost any scanner with
reasonable updating capability will do fine.



-
   j4computers, llc
   Stone Ridge, NY 12484
845-687-3734
   www.j4computers.com
-

Re: adding AV scanning to working Postfix/SA system

2020-11-24 Thread Dave Wreski 




On 11/24/20 12:40 PM, Axb wrote:

Fuglu supports Sophos AV
See fuglu.org


Sophos recently discontinued their support for SAVI on Linux. They now 
only support "Server Central Intercept X Advanced" which is an entirely 
different product.


I would also be interested in newer/supported AV alternatives.

Regards,
Dave



On 11/23/20 5:37 PM, Joe Acquisto-j4 wrote:
So, beyond "experiences" any leads on generic "how to" guides that 
actually work in
practice?   I've found a few, rather than chase geese, I'm sure some 
here have done

similar things, even if with other AV scanners.

SOHO system, on virtual machines.   Fairly recent versions. Running 
openSUSE

Leap 15.1.

Due to some recent malware (obvious stuff) wanted to add AV 
scanning.   I

gather "Amavis-new" is the hot ticket these days,

I deal with Sophos products and would like to use their linux product 
to do

the scanning.   Seems to be precious little on how to do that.

Any experiences?





-
    j4computers, llc
    Stone Ridge, NY 12484
 845-687-3734
    www.j4computers.com
-

Re: Apache SpamAssassin and Spammers 1st Amendment Rights

2020-11-24 Thread Philip Prindeville 
Free Speech doesn’t require anyone to pay for your soap box or megaphone.

But Spam is exactly that: having other people subsidize your speech through the 
theft of services.



> On Nov 19, 2020, at 2:25 PM, Kevin A. McGrail  wrote:
> 
> Afternoon Everyone,
> 
> So over the years, I have gotten a lot of complaints from spammers about how 
> I'm breaking their 1st amendment rights by blocking their spam as free 
> speech.  I've had to explain that I'm not the government and hence there are 
> no 1st amendment rights involved.
> 
> However, my friend, Steve Effros, just wrote a far more eloquent article 
> about it and I thought others on this list might appreciate it:
> 
> https://www.cablefax.com/regulation/first-things-first 
> 
> 
> Regards,
> 
> KAM
> 
> -- 
> Kevin A. McGrail
> kmcgr...@apache.org
> 
> Member, Apache Software Foundation
> Chair Emeritus Apache SpamAssassin Project
> https://www.linkedin.com/in/kmcgrail - 703.798.0171
>

Re: adding AV scanning to working Postfix/SA system

2020-11-24 Thread Axb 

Fuglu supports Sophos AV
See fuglu.org

On 11/23/20 5:37 PM, Joe Acquisto-j4 wrote:

So, beyond "experiences" any leads on generic "how to" guides that actually 
work in
practice?   I've found a few, rather than chase geese, I'm sure some here have 
done
similar things, even if with other AV scanners.


SOHO system, on virtual machines.   Fairly recent versions. Running openSUSE
Leap 15.1.

Due to some recent malware (obvious stuff) wanted to add AV scanning.   I
gather "Amavis-new" is the hot ticket these days,

I deal with Sophos products and would like to use their linux product to do
the scanning.   Seems to be precious little on how to do that.

Any experiences?





-
j4computers, llc
Stone Ridge, NY 12484
 845-687-3734
www.j4computers.com
-