- Original Message -
From: Matthew Bramble
I like pure spamtrap RBL's because clean ones have no false
positives. CBL is a good one to add if you haven't checked
it out, and it produces a lot of hits (with no FP's in a week of
monitoring).
Yep, I've been using CBL for a few months
Title: A little irony here
Just thought I'd share with you all a little Wednesday morning irony.
This spam email, for spam software, got held, as spam.
Somewhere there is a statement to be made.
09/24/2003 08:01:35 Q87911a9e00da3ef2 SPAMCOP:7 BADHEADERS:8 SPAMHEADERS:3 URLfilter:3 .
Is it me, or did SpamCop suddenly become awful when it comes to false
positives with almost anything that is sent in bulk? I've recently seen
them tag PayPal, ActivePDF newsletters, Match.com and even the local
chamber of commerce (which only sends to members w/opt-out). If they
ever start
I've always had problems with Spamcop and excessive false positives. It
works best when weighted high, but not high enough to trigger as spam by
itself. Combined with other test, it works great.
Is it me, or did SpamCop suddenly become awful when it comes to false
positives with almost
Title: Message
(sigh) Again I'm
the voice of dissent... I find that CBL merits no higher than a weight
of5out of my HOLD weight of 20. I find that it includes a lot
of ISP mail servers thatget used by spammers. They do seem to work
at removing them, but meanwhile, it's throwing the baby out
This comes up every few months. For some reason, it appears SpamCop goes
through a mean period and starts listing servers quickly.
John Tolmachoff MCSE CSSA
Engineer/Consultant
eServices For You
www.eservicesforyou.com
-Original Message-
From: [EMAIL PROTECTED]
Title: Message
ISP mail servers thatget used
by spammers
Uhuh -
so?Which ISP is permitting/tolerating/mis-configuring their servers
to be abused in that way?
I have seen very
FEW spammers thatMX mail fromtheir "own" mail servers (as they would
be shut down and/or blocked too easily).
The major problem we have seen is that Spamcop is listing many aol ip
addresses. This has been going on for about 3 weeks now. Most aol mail is
now getting held because they fail 3 tests. We are considering lowering the
weight on Spam Cop. I would assume with all of the aol Volume that their
Well, it's important to remember that SpamCop is user-driven.
The man behind it, Julian Haight, and his Spam Cop deputies focus on parsing
the messages well, holding off the DoS attacks, juggling the expiry and the
weight of the IP subnet based on reports, and getting the right abuse
addresses
Title: Message
Two major
Canadian ISPs, and ComCast.net are common enough. True, true, it is far
more common for dial-up type accounts to spam through proxies, open relays, or
directly to their recipients, but it does happen, and too often. It used
to becommon, but ISPs have generally wised
Over the last couple of weeks I have gotten a couple of messages from
Spamcop about problems. Looking at logs and some other things nothing went
out from my IP range. I will probably drop the weight on Spamcop for a while
until things settle down.
Jeff Kratka
Well, if no one every disagreed with me, I wouldn't learn nearly as
much.
I watched this for a full week recently and didn't find any problems.
The site says that it is only spamtraps and they expire automatically,
but keep alive for longer in association with repeat spamming.
I've seen that
Any possibility of sharing those messages here?
Matt
Jeff Kratka wrote:
Over the last couple of weeks I have gotten a couple of messages from
Spamcop about problems. Looking at logs and some other things nothing went
out from my IP range. I will probably drop the weight on Spamcop for a while
Andrew:
How do you have your counterweight test set up in your global file? I would
be very interest in something like that.
Chuck Schick
Warp 8, Inc.
303-421-5140
www.warp8.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of
Colbeck, Andrew
Sent:
I think the design of the system is both brilliant and flawed at the
same time. There aren't enough checks and balances in place to keep the
system pure. One night when PayPal sent out a notice to users, SpamCop
started listing them. I checked their records and found that they had 6
Title: Message
Browsing for low
total weights through the 638 messageswhich triggered CBL so
fartodayI'm not seeing anyobvious errors, mostly very high
total weights.
Two that I've
definitely seen before were mail servers for comcast.net and bizmailsrvs.net
(Verizon - no angel), which
I just found an(other) example of legit E-mail using base64 encoding
for text segments. I would like to create an anti-filter for this
(along with OWA for Exchange violations), however I'm having trouble
identifying what piece of software or other identifying characteristic
appears in the
Scott, I've seen some FP's (or possibly rather just simply legit mail)
tagged for BASE64 coming from AOL 8 (maybe others) when there is an
attachment and no text in the body of the message. I'm wondering if
this is possibly a bug in the BASE64 test, and if so, could/should it
be fixed? An
X-MimeOLE: Produced By Microsoft MimeOLE
V6.00.2800.1165
That is the line.
However, that is
an older version. Or is that OE in IE 6.0? That line does appear when using OE
in IE 6.0. However, OE inserts a line above that to where it should look like
this:
X-Mailer:
Microsoft
John Tolmachoff (Lists) wrote:
X-MimeOLE:
Produced By Microsoft MimeOLE
V6.00.2800.1165
That
is the line.
Unfortunately that line is quite common to Microsoft products of all
sorts, from CDONTS to Outlook Express. It's all over in legit E-mail,
though often with the
20 matches
Mail list logo
