Man I love this group. Thank you so much for this discussion. I don't
remember it being particularly difficult to get clamwin running, just
wanted to make sure it's still a good idea, and it sure sounds that way.
Thanks for the insight. Looks like I've got a busy weekend of playing and
testing
not to bead a dead horse, but
Looking at the mail anazlyzer, it doesn't appear that it is paying
attention to the recieved line that matters (the one where assp gets the
message from the sender server). Instead, my analyzer at least comments on
the top most line, which is sometimes the real
We've been getting a bunch of virus emails slipping through, so I figure
it's finally time to install and configure ClamAV for windows. We're
running assp v2.
I'm see almost no chatter on ClamAV and ASSP here. Is that because it just
plain works and there's no problems or is it because very few
will ignore all privat IP's and IP's in acceptAllMail.
new way that ASSP
parses IP addresses in the headers
This is not done for reports.
is ASSP smart enough
yes
Thomas
Von:K Post nntp.p...@gmail.com
An: ASSP development mailing list assp-test@lists.sourceforge.net
Datum
from my mobile device.
Thanks
Steve Moffat
Chief Operations Officer
Optimum IT Solutions
(441) 292 8849
st...@optimum.bm
www.optimum.bm
On Oct 29, 2011, at 1:51 PM, K Post nntp.p...@gmail.com wrote:
A couple people here are now on Exchange. Mail flow for these people is
as
follows
A couple people here are now on Exchange. Mail flow for these people is as
follows:
ASSP-primary smtp server-forwarded to exchange
When sending through exchange, the mail goes to assp first so it gets added
to the corpus, etc.
This is a pretty basic question, but with the (fairly) new way that
Hidden Makrov Model sounds great from the limited bit I've read on it.
I'm still using flat files here. I never did have the time to explore
converting to a proper db. I've got the berkeley db modules installed, but
not the full package. I'm on windows. In order for this to work, I'd need
to
The version numbering error in this message got me thinking. I know that
the version numbering system just changed, but would you consider changing
it again?
Does anyone really know what day of the year it is without looking it up?
What about doing a versioning number like this:
2.1.2
considering if it's an easy change for Thomas. The update code
might not work for many now anyway until they update to the new versions, so
now seems to be the time
On Fri, Oct 7, 2011 at 10:27 AM, Charles Marcus
cmar...@media-brokers.comwrote:
On 2011-10-07 9:07 AM, K Post nntp.p...@gmail.com
Interesting article over at Krebs On Security:
http://krebsonsecurity.com/2011/09/right-to-left-override-aids-email-attacks/?utm_source=feedburnerutm_medium=feedutm_campaign=Feed%3A+KrebsOnSecurity+%28Krebs+on+Security%29
It talks about a unicode character that reverses ordering from right to
If regex optimiztion is skipped for perl 5.14+, at this point is it faster
to run ASSP with 5.12?
We haven't updated yet, but were about to. We won't if you recommend the
older version still.
Thanks
On Sat, Sep 24, 2011 at 5:21 AM, Thomas Eckardt
thomas.ecka...@thockar.comwrote:
Hi all,
configuration or
installation.
So 5.12.4 will be fine for you Ken - 5.14.1 will be better - let's see how
it is running on your system.
Thomas
Von:K Post nntp.p...@gmail.com
An: ASSP development mailing list assp-test@lists.sourceforge.net
Datum: 25.09.2011 13:26
Betreff
are free to start
assp with the 'enhancedOriginIPDetect:=0' switch or to modify the
'CorrectASSPcfg.pm'.
Thomas
Von:K Post nntp.p...@gmail.com
An: ASSP development mailing list assp-test@lists.sourceforge.net
Datum: 05.08.2011 17:55
Betreff:Re: [Assp-test] fixes in assp
I agree. This is the first change in all of the years (more than a decade?)
that I've been using ASSP that I really don't like and am afraid of.
Thomas obviously has identified the need to do this deeper inspection. I'm
guessing he's seen lots of emails from bad hosts forwarded onto legitimate
Grayhat - I agree, and I haven't updated because of my concerns too.
Thomas has addresses my main concern where ip addresses handed out by isps
are often on blacklists (PWL for example) since these IP's shouldn't be
sending email directly. They'll be in the recieved lines a ways down, but
that
the code
enhancedOriginIPDetect is the name in 2.0.2_3.2.07 - up to 3.2.06 the name
is (wrong sorry) enhancedOrginIPDetect
Thomas
Von:K Post nntp.p...@gmail.com
An: ASSP development mailing list assp-test@lists.sourceforge.net
Datum: 30.07.2011 03:34
Betreff:Re: [Assp
includes known dynamic ISP addresses?
http://www.spamhaus.org/pbl/
Ken, you are right. The next release will consider this.
Thomas
Von:K Post nntp.p...@gmail.com
An: ASSP development mailing list assp-test@lists.sourceforge.net
Datum: 28.07.2011 19:37
Betreff:Re: [Assp-test
release.
IP addresses that are:
in accepAll Mail
in whiteListedIPs
in noProcessingIPs
in noDelay
in noPB
ISPIP's
IP's that where connected to the ISP (OIP/cip)
in a privat IP range
will be ignored
Thomas
Von:K Post nntp.p...@gmail.com
An: ASSP development mailing list
:
denySMTPConnectionsFromAlways
droplist
PenaltyExtreme
ValidateRBL
PenaltyBox
These checks are done in the same way, like the IP's where directly
connected to assp.
Thomas
Von:K Post nntp.p...@gmail.com
An: ASSP development mailing list assp-test@lists.sourceforge.net
Datum: 28.07.2011 17:32
On the originating IP address detection, won't this cause problems with
legitimate users who are sending email from dynamic IP addresses at home to
their outbound server? For example, my home connection is with a cable
company. Their ip address blocks that are handed out to consumers are on my
these mails.
It is too easy to break the regexes.
Thomas
Von:K Post nntp.p...@gmail.com
An: ASSP development mailing list assp-test@lists.sourceforge.net
Datum: 20.07.2011 17:58
Betreff:[Assp-test] Regex Help to capture underscores replacing
spaces
I currently have a regex
Thomas,
best of all here is the news of the changed build numbering system. I don't
know how much of this change is based on my suggestions, but no matter how
you got there, I LOVE this change. It'll make it so much easier for regulars
to keep track of everything, and newbies will no longer be
I have a line in my BombRe:
\$\d{1,5}\.\d{1,3}\smillion=0.10
This is my attempt to give a slightly negative score to emails that match,
which is added with other negatives would hopefully cause a rejection. It
seems to work well when there's only 1 match.
However, if an email talks about a
results have different weights, because the source
regex was a different one, the highest weight will be used.
for example
\$\d{1,5}\.\d{1,3}\smillion=0.10
\$\d{1,4}\.\d{1,3}\smillion=0.20
Thomas
Von:K Post nntp.p...@gmail.com
An: ASSP development mailing list assp-test
I currently have a regex (coursey of this list) like this:
(?ms-i:[a-z][A-Z].*?[a-z][A-Z].*?[a-z][A-Z].*?[a-z][A-Z].*?[a-z][A-Z].*?[a-z][A-Z])=0.95
which catches those irritating emails that HaveWordsWithNoSpacesInThem that
try to get around filters.
Now I'm getting mails with underscores insted
Thomas
Von:K Post nntp.p...@gmail.com
An: ASSP development mailing list assp-test@lists.sourceforge.net
Datum: 24.06.2011 23:39
Betreff:[Assp-test] noBombScript
Shutterfly (a photo printing site here in the US) insists on putting
iframes
in their emails. We block
-
looks OK for me.
Thomas
Von:K Post nntp.p...@gmail.com
An: ASSP development mailing list assp-test@lists.sourceforge.net
Datum: 25.06.2011 03:22
Betreff:[Assp-test] BlockReportFilterRe still not working??
Hi Thomas-
I just started trying 2.0.2 3.1.08
Hi Thomas-
I just started trying 2.0.2 3.1.08 on a development machine. Unfortunately,
blockreportfilterre still doesn't seem to do anything. I know you thought
you had fixed this in 2.0.2 3.0.27, and you might have. I can only comment
that it's not working in the most recent release.
THanks
Ken
If we have DNSBL set to block, if SenderBase identifies a whitelisted org,
would a match in DNSBL be overridden?
--
EditLive Enterprise is the world's most technically advanced content
authoring tool. Experience the power
I know that it was previously a problem that if DoBombHeaderRe was set to
block and a weight was assigned to certain regexes that ASSP would still
block the message. That was noted as being fixed.
In my bombSenderRe I have:
~(\.hotmail\.com|\.yahoo\.com|\.yahoo\.cn|\.aol\.com)~=25
This should
I know that Thomas had fixed a similar problem in an earlier build, I just
don't know if this one slipped through unfixed or if I've got something else
going on.
my bombValencePB is set to 50.
I do understand the divisor suggestion that you're making and typically do
that - I just didn't here
thanks (sorry for not replying sooner - was away).
On Thu, May 26, 2011 at 10:54 AM, Thomas Eckardt thomas.ecka...@thockar.com
wrote:
possibly there an (/o) too much in the code - will fix it in the next
version.
Thomas
Von:K Post nntp.p...@gmail.com
An: ASSP development
-bump-
Anyone else seeing this?
On Tue, May 24, 2011 at 12:50 PM, K Post nntp.p...@gmail.com wrote:
Is it possible that the newer versions of ASSP have started to ignore
BlockReportFilter? I've got DNSBL|username1|username2 in there, but lines
with those matches seem to appear in block
FYI - in our test environment, I haven't seen that at all. .26 seems fine
memory wise, about the same as all of the recent (6 months or so) 2.x
versions. Of course, this isn't in production.
Of note, we're not using a database in the test environment, everything is
flat, so maybe the ADO
to verbose each time we analyze.
Thanks!
On Mon, May 23, 2011 at 3:19 PM, K Post nntp.p...@gmail.com wrote:
great
On Mon, May 23, 2011 at 2:41 PM, Thomas Eckardt
thomas.ecka...@thockar.com wrote:
My bombMaxPenaltyVal is set to 70. With bombReMaxHits set to only 1, in
the
gui analyze window
Peter-
I believe Thomas and Fritz know just how appreciative I am. I sure hope
they do, because without their work, I'd spend all day trying to find which
one of the 9000 messages I get is legit.
I ask for features when I think of one that would be useful. Sure, thre's a
selfish component to
Is it possible that the newer versions of ASSP have started to ignore
BlockReportFilter? I've got DNSBL|username1|username2 in there, but lines
with those matches seem to appear in block reports now. They didn't with
slightly older version.s
I have some basic questions about the way bombRe is logged.
Here's example of logging of a message that came in with
$8.2 million
appearing twice in the message (once in the text version, once in the html
version)
I've got bombReMaxHits set to 10. The bomb valance is 50
(starts out before
Thanks Fritz, that's what I thought.
Note, this doesn't work in an outdated 2.x version.
When I did a mail analyze in the gui, it only showed the one score of 5
(valance is 50 * 0.10 = 5), instead of adding the 5's together. It also
only showed one match. This was with bombReMaxHits set to 10.
Fritz, I'm trying hard, as you requested, to think about what ASSP does
instead of what I want it to do, but I don't know how to accomplish this
functionality.
There's a commercial photo printing service that a handful of people use
here for photo printing. They apparently send emails with
the complex_AND-NOT_regexes.txt .
Thomas
Von:K Post nntp.p...@gmail.com
An: ASSP development mailing list assp-test@lists.sourceforge.net
Datum: 23.05.2011 16:04
Betreff:[Assp-test] Block objects EXCEPT for those from a certain
domain
Fritz, I'm trying hard, as you requested
I'm a little confused. I have BombRe set to block, but the line that has
the check for $x.x million is set to score =0.10 (hence the 5 score, 1/10
of 50). Shouldn't a scoring match ignore the fact that I have it set to
block?
I can't figure out why this message was not delivered.
May-23-11
Cheers
On Mon, May 23, 2011 at 1:56 PM, Thomas Eckardt
thomas.ecka...@thockar.comwrote:
I'm a little confused.
I'm also :)
Currently it also blocks if the according '.maxhits' is reached.
Will be fixed soon.
Thomas
Von:K Post nntp.p...@gmail.com
An: ASSP development
that contains a matching regex.
how ever - these are still more information, than used by processing a
mail - there for example, the 'test3(20)' would never be reached (found).
Thomas
Von:K Post nntp.p...@gmail.com
An: ASSP development mailing list assp-test@lists.sourceforge.net
Datum
used by a real scan
how ever - these are still more information, than used by processing
a
mail - there for example, the 'test3(20)' would never be reached
(found).
Von:K Post nntp.p...@gmail.com
An: ASSP development mailing list assp-test@lists.sourceforge.net
Datum
I'm pretty sure (not 100%) that with the message I found rejected after only
1 hit, that I had max hits set to 10. Was the error just when max hits was
reached or was it also if set to block and a scoring line (badword=0.2)
matched?
On Mon, May 23, 2011 at 2:46 PM, Thomas Eckardt
Suggestion-
When boneheads like me enter in an invalid regex to one of the files like:
\$\d{1,3)\smillion
(end paren is in error)
the file DOES save, but an error is put into the log. The only way to know
that there's a type-o is to look at the log (or wait for the email that I
trigger when error:
I've been adding things to bombRe like:
hello dear=0.10
dear friend=0.10
UN Remittance=0.10
Payment Department=0.10
compensation award=0.10
\$\d{1,5}\.\d{1,3}\smillion=0.10
The idea was that if enough if these match, the score would be high enough,
combined with other scores, to reject the
And then there's the crazies like me who want to spam and no false positives
:)
Is there a possible way to have WhiteBox-IP bonus scoring unless certain
other criteria match? ie: don't pay attention to the bonus scoring for a
whitebox-ip if the helo contains hotmail.com?
On Mon, May 16,
Thank you, I will negate the whitebox positive scoring for those domains
that I don't love using bombSenderRe.
--
What Every C/C++ and Fortran developer Should Know!
Read this article and learn how Intel has extended the
Sorry to bring this up again, but NOW I remember why I wanted hotmail's ip
address range not to be on the pbWhiteBox
Good IP History (IP in PB WhiteBox), default=-15 (pbwValencePB)
I like this feature, but with the big public smtp servers that have plenty
of good users, I don't want someone to
addresses sinces
there are plenty of legit users.
Any other thoughts are always appreciated. Thanks.
On Sun, May 15, 2011 at 3:40 PM, Thomas Eckardt
thomas.ecka...@thockar.comwrote:
No need IMHO - the web is full of it.
Thomas
Von:K Post nntp.p...@gmail.com
An: ASSP development
Lovely.
On Sun, May 15, 2011 at 3:41 PM, Thomas Eckardt
thomas.ecka...@thockar.comwrote:
Does that cache cleaning include clearing out individual IP's based on
ranges that appear in noPB or noPBWhite?
Yes
Thomas
Von:K Post nntp.p...@gmail.com
An: ASSP development mailing list
I know mail from, helo, and ip used for the bombSenderRe, but does the
bombHeaderRe also consider the helo and mail from? Is there a list of
what's considered header?
--
Achieve unprecedented app performance and
Thank you both YET AGAIN!
Thomas, maybe but that regex explanation of the ?: parameters in the next
version's web gui?
On Sat, May 14, 2011 at 4:13 AM, Fritz Borgstedt f...@iworld.de wrote:
ASSP development mailing list assp-test@lists.sourceforge.net
schreibt:
Does that cache cleaning include clearing out individual IP's based on
ranges that appear in noPB or noPBWhite?
On Sat, May 14, 2011 at 2:28 AM, Thomas Eckardt
thomas.ecka...@thockar.comwrote:
Hi all,
fixed in 2.0.2_3.0.23:
- if the CIDR modules are not available, a trailing IPv4 address in
I've got:
~(hotmail\.com|yahoo\.com|aol\.com)~=8 (I'll be changing it to a
multiple soon)
I'm noticing
X-ASSP-Re-BombSenderRe: PB 8: for hotmail.com
X-ASSP-Re-BombSenderRe: PB 8: for hotmail.com
X-ASSP-Message/IP-Score: 16 (BombSenderHelo 'hotmail.com')
in the messages.
I assume it's
On Thu, May 12, 2011 at 2:17 PM, K Post nntp.p...@gmail.com wrote:
Perfect!
I've been having trouble with hotmail ip's getting added to the pbwhite
list. I've tried to include the ranges that I know about from the SPF
record, but there are clearly others.Is there any way
That's a good question - and made me rethink this whole thing. Thanks for
that. I started to write an answer and then realized that I'm confusing
myself, fairly significantly. I'll explain and ask more, hopefully to help
educate me and others who might read this. I put outstanding questions in
so I'm guessing that:
~hotmail\.com|yahoo\.com|aol\.com~=8
is correct and would give a message a score of 8 if that's in the from or
helo
Do I need the ?: or any of those other regex prefixes that I don't
understand? Is there an explanation somewhere?
Thanks
In the description for noPBWhite it says:
Enter IP's that you don't want to be not penalized. These IP's will also be
automatically removed from PB-WhiteBox.
If we enter a range like 204.79.252.0/24 (a hotmail range) into this list,
will all entries already in the PB-Whitebox that match this
great, but my question still stands for other IP based lists...
On Mon, May 2, 2011 at 12:13 PM, Fritz Borgstedt f...@iworld.de wrote:
ASSP development mailing list assp-test@lists.sourceforge.net
schreibt:
really?
Yes, if DelayWL is not set.
DelayWL: Enable Greylisting for whitelisted
I thought that I had a listing of common public webmail smtp servers in
my noPbWhite file, but apparently I don't and this is letting more spam
through than I'd like.
Is there a list available somewhere for download?
Also, minor, the description of noPbWhite starts:
Enter IP's that you don't
I've been playing with NoPbWhite and other lists that have IP addresses in
them.
Consider google.com spf record which allows mail to come from
216.73.93.70/31 and
216.73.93.72/31
I've added that to NoDelayIPs, replacing what I had there originally which
was stale data. Gmail could certainly add
really?
but either way, I might want to add them to NoPbWhite or something like
that...
On Mon, May 2, 2011 at 11:53 AM, GrayHat gray...@gmx.net wrote:
Might there be a way to have assp better maintain lists using syntax
like:
spf:google.com or something like that which would add ip
to modify.
What I don't know is an way to use this logic from within ASSP.
On Sat, Apr 9, 2011 at 9:42 AM, K Post nntp.p...@gmail.com wrote:
Any thoughts on this?
Getting a couple a day now:
UprgaidngYoourOldMSOfffice?GetDdiscountOnAlllOfficeVeresoins.Ulttra-FastDownloads
Thomas, are you seeing installations of .10? Usually there's some chatter,
but it's been so quiet lately here. I haven't had any time to test, but
wanted to confirm that there aren't known major issues with .10 before
upgrading.
Thanks
(also, I've had a thread Blocking
I'm going to reply related to the words with no spaces in the original
thread to help others who might be seeing these irritating emails.
--
Benefiting from Server Virtualization: Beyond Initial Workload
Consolidation --
(summarized)
Fritz Borgstedt schreibt:
put this into bombSubjectRe
(?ms-i:[a-z][A-Z].*?[a-z][A-Z].*?[a-z][A-Z])=0.5
should work
Thanks Fritz (and thomas for your posts in the other thread)
That should help. I'm a bit fearful of scoring legit mails. I can't think
of real phrases that
Any thoughts on this?
Getting a couple a day now:
UprgaidngYoourOldMSOfffice?GetDdiscountOnAlllOfficeVeresoins.Ulttra-FastDownloads
BestDealsOnMusicBuurnniggEdiitngSoftwareReelases-SaveUpTo70%.Hi-SpeedDownloads
On Thu, Mar 17, 2011 at 9:17 AM, K Post nntp.p...@gmail.com wrote:
We've been
(duh) thanks.
On Thu, Apr 7, 2011 at 9:05 PM, Fritz Borgstedt f...@iworld.de wrote:
ASSP development mailing list assp-test@lists.sourceforge.net
schreibt:
Also, related, does the weight matter if DoBombHeaderRe is set to
block? I
suppose it'll add to the score when calculating
Thanks Fritz.
When you have a second, I'd appreciate hearing back on this:
Also, related, does the weight matter if DoBombHeaderRe is set to block? I
suppose it'll add to the score when calculating penaltybox stuff, but will
it override the block for a match and just score if a weight is set?
that starts with viagra, pfizer or rolex and then has ##% later in the
subject
\d\d\%.{0,70}(viagra|pfizer|rolex)
Thomas
Von:K Post nntp.p...@gmail.com
An: ASSP development mailing list assp-test@lists.sourceforge.net
Datum: 31.03.2011 04:12
Betreff:[Assp-test] Regex review
I've rewritten our bomb subject re to try to stop the main threads from
stucking.
Any suggestions here (or errors that you can spot). THANK YOU
customers\snotification
your\sonline\sbanking\sis\sblocked
Notice\sof\sUnderreported\sIncome
Dear.{1,50}take\spart\sin\sour\ssale
never be used in any ASSP regex !!!
If there is no other way and you must use (.*) - you should write (.*?) .
Thomas
Von:K Post nntp.p...@gmail.com
An: ASSP development mailing list assp-test@lists.sourceforge.net
Datum: 22.03.2011 13:56
Betreff:[Assp-test] Urgent
I did NOT!! That's got to be where whatever it was cause the problem was
cached. I'll check that out. Thanks
Also, can someone remind me what ?: does in the regex? This has to do with
optimization right?
for example:
Ah thanks Fritz.
On Wed, Mar 23, 2011 at 12:22 PM, Fritz Borgstedt f...@iworld.de wrote:
ASSP development mailing list assp-test@lists.sourceforge.net
schreibt:
Also, can someone remind me what ?: does in the regex? This has to
do with
optimization right?
Perl regular expressions
Peter
Peter Bowey Computer Solutions
- Original Message -
From: K Post nntp.p...@gmail.com
To: ASSP development mailing list assp-test@lists.sourceforge.net
Sent: Tuesday, March 22, 2011 11:25 PM
Subject: [Assp-test] Urgent - worker_1 hanging
I was just notified of the same error, even after blanking both the bomb
subject and suspicious re. CPU usage was a 99% for the process.
--
Enable your software for Intel(R) Active Management Technology to meet the
Computer Solutions
- Original Message -
From: K Post nntp.p...@gmail.com
To: ASSP development mailing list assp-test@lists.sourceforge.net
Sent: Wednesday, March 23, 2011 12:28 AM
Subject: Re: [Assp-test] Urgent - worker_1 hanging
I was just notified of the same error, even after
We've been having trouble with spam slipping through. They're typically
from hotmail (and hotmail servers), but not always.
These are non-bayesian sounding emails EXCEPT for a long string of spam
words, without spaces, that have double letters in them/mispellings.
They're obviously crafted to
disabled
config' - disallow all sync stuff for this user.
The sync part is now empty - only the headline is shown for this user.
Thomas
Von:K Post nntp.p...@gmail.com
An: ASSP development mailing list assp-test@lists.sourceforge.net
Datum: 25.02.2011 15:53
Betreff:[Assp-test
\' will be replaced by the
BlockReportFilter.br /
Thomas
Von:K Post nntp.p...@gmail.com
An: ASSP development mailing list assp-test@lists.sourceforge.net
Datum: 25.02.2011 15:47
Betreff:Re: [Assp-test] Antwort: Re: fixes and news in
2.0.2_3.0.01
Ah, for block reports, I didn't know
BlockReport-requests now supports a fourth paramter to overwrite the
global BlockReportFilter
I KNEW this wouldn't be too hard for you to implement. I'm going to have
about 20 volunteers who will now want to buy you beers. That's in addition
to the keg that I clearly owe you!
This bit confused
Great. Thanks Fritz.
Would they still be whitelisted though because I have DoOrgWhiting set to
whiting?
On Thu, Feb 17, 2011 at 10:04 PM, Fritz Borgstedt f...@iworld.de wrote:
You can use \bfacebook\.com=0.7, that will multiply the normal
score by 0.7, thereby reducing sworgValencePB to 70%.
I definitely don't want to whitelist these - there's too much junk coming in
from facebook including random friend requests, some of which include links
to porn/drug sites.
I was hoping to just NP the subjects that I know about, so that the bayesian
and URL filters will still reject at least some
With the ** option to weight (which I haven't used yet), doing something
like:
\bfacebook\.com=40
would counter the score of 40 that's set for a bayesian spam message, or am
I supposed to do
\bfacebook\.com=-40
a negagive score, taking away from the score.
I'm unsure as the SenderBase is a
Also, it's not just commented on your status It's also commented on so
and so's status (which is sent when a user comments on someone's status
and then someone else comments on that status.
Thanks
--
The ultimate
Thanks for this GREAT tip Fritz.
I understand white and black, but can you explain a bit what having a
neutral rating for the ip does? What ip checks are skipped? How does
this differ from the original noBlockingIPs?
Also, if a hotmail user, for example, is whitelisted the mail's still going
this change would make a big difference to me, and I'd think others
once the functionality is discovered.
THANK YOU.
On Wed, Jan 19, 2011 at 5:25 PM, K Post nntp.p...@gmail.com wrote:
Thanks for thinking about that one Thomas. Your suggestion should fit my
unique case. Look forward to seeing
Thanks for taking so many of my suggestions seriously. A lot of these
changes will make a huge difference to my day-to-day.
'URIBLCCTLDS' is not changeable anymore
Is the path hard coded, or is it still stored in assp.cfg? Reason I ask is
I had this in a folder other than files for backup
Adding an email address to any list via email interface was some times
leading in to entrys with a double dot like : n...@anydomain..com
Is there a way to do a cleanup of the whitelist to remove anything with a ..
in the host part to fix any errors that were entered before? Maybe a
utility of
...@thockar.com
wrote:
yahoo sends only mails with a DKIM siganture.
aol has SPF records for SPF v1 and v2
aol.com text =
v=spf1 ptr:mx.aol.com ?all
aol.com text =
spf2.0/pra ptr:mx.aol.com ?all
Thomas
Von:K Post nntp.p...@gmail.com
An: ASSP development mailing list
will get his report - no other user will get report
lines for this address.
Thomas
Von:K Post nntp.p...@gmail.com
An: ASSP development mailing list assp-test@lists.sourceforge.net
Datum: 17.01.2011 16:48
Betreff:[Assp-test] BlockReportFilter
Is there any chance
Could it be a hardware firewall issue, with (erroneously) strange behavior
kicking of some temporary block rule for udp 53?
--
Protect Your Site and Customers from Malware Attacks
Learn about various malware tactics and
On Wed, Jan 19, 2011 at 5:10 PM, Fritz Borgstedt f...@iworld.de wrote:
Hacked accounts? That are normal accounts from people with bad
intentions. How comes, that they are whitelisted in your installation?
I never had one whitelisted in my servers.
Yep, from what I can tell we get a couple a
There is no need to use the example makeRe structure.
Right, but shouldn't the example you gave me still work??
--
Protect Your Site and Customers from Malware Attacks
Learn about various malware tactics and how to avoid
We're seeing more and more aol and yahoo accounts that are whitelisted get
hacked. Then we see email messages with only a url in them that get through
our filters.
We could easily create a strict bomb that rejects emails with only URL's in
them. The problem with that is that our users get
Thanks for the help. I'll give this all a shot.
really easy code change
Changing the output of the default BlockReport will compromize every
customized (css + modify.pm) BlockReport of the still existing
installations.
And that's a REALLY REALLY good point...
Is there any chance that we could get a 4th parameter added to the block
report syntax that would add to the BlockReportFilter for each request
Currently, I've got
*@*=ken.p...@ourdomain.org=1 *@*=%3eken.p...@ourdomain.org=%3E1
This works great, and ignores that which I have in the
901 - 1000 of 1446 matches
Mail list logo