On Thu, Oct 24, 2019 at 3:22 PM Jaroslaw Rafa via mailop
wrote:
> Dnia 24.10.2019 o godz. 15:03:25 Jay Hennigan via mailop pisze:
> >
> > If a message contains malware, it is almost certainly also spam.
>
> Yes, but it's better to have two separate tools - one specialized in
> detecting malware,
Dnia 24.10.2019 o godz. 15:03:25 Jay Hennigan via mailop pisze:
>
> If a message contains malware, it is almost certainly also spam.
Yes, but it's better to have two separate tools - one specialized in
detecting malware, that does it with high accuracy, and the other a
general-purpose spam filter
>
> And what does the user install if it's not a file?
>
I think the idea here is that a phishing attack is just as straightforward
a path to installing malware as an email containing malware. Which I
completely agree with. Spam filtering has to work in tandem with AV, and
suggesting that there's
On 10/24/19 14:22, Jaroslaw Rafa via mailop wrote:
Protecting against malware is not a spam filter's job; it's a UTM's
(firewall's, web proxy's or whatever you use to protect your network) job.
Email messages containing malware are unsolicited. They are bulk in most
every case, and by definit
Dnia 24.10.2019 o godz. 16:51:41 Michael Rathbun via mailop pisze:
>
> What file would that have been? "Causes to install" does not require a file
And what does the user install if it's not a file?
--
Regards,
Jaroslaw Rafa
r...@rafa.eu.org
--
"In a million years, when kids go to school,
On Thu, 24 Oct 2019 23:48:30 +0200, Jaroslaw Rafa wrote:
>I understand it was a 0-day and AV software didn't know it? Of course I
>don't know what that particular kind of malware was, but maybe heuristic
>tools like DeepInstinct, that try to analyze what a file *actually does*
>before allowing it
Dnia 24.10.2019 o godz. 16:35:50 Michael Rathbun via mailop pisze:
>
> No anti-malware facility yet devised would have protected my Brazilian client
> from one particular attack, because there was absolutely no indication of any
> sort that a compromise was intended by a particular message, which
On Thu, 24 Oct 2019 23:22:59 +0200, Jaroslaw Rafa via mailop
wrote:
>Dnia 24.10.2019 o godz. 15:11:23 Kelly Molloy via mailop pisze:
>>
>> Yes, it certainly can be. If an email causes a user to install
>> ransomware on a corporate network, then it is an enormous and
>> expensive problem; it's pu
Hi all,
The Barracuda RBL delisting form appears to be broken, I have been trying to
delist an IP for $WORK for a week or so now and I don't get any confirmation
e-mail from them. We have tried multiple addresses, no luck. Normally, we get a
confirmation e-mail from them shortly after we submit
Dnia 24.10.2019 o godz. 15:11:23 Kelly Molloy via mailop pisze:
>
> Yes, it certainly can be. If an email causes a user to install
> ransomware on a corporate network, then it is an enormous and
> expensive problem; it's put companies out of business. If a phishing
> message means that an company
On Thu, Oct 24, 2019 at 6:22 AM Jaroslaw Rafa via mailop
wrote:
> But even if one such message goes through, is this really a problem?
Yes, it certainly can be. If an email causes a user to install
ransomware on a corporate network, then it is an enormous and
expensive problem; it's put companie
On 24 Oct 2019, at 6:15, Jaroslaw Rafa via mailop wrote:
Don't try to be too perfect at spam filtering. Just be good enough.
That's
enough :).
Everyone has a different idea of "good enough" and it even varies by
address for individuals...
I have a dozen distinct email accounts including te
> On 24/10/2019 14:12, Benoit Panizzon via mailop wrote:
> > I also considered hacking together a small 'relay' MTA which would
> > receive the email but not reply OK to the final DATA command (RFC
> > states you can take up to 60 seconds to reply to the DATA command)
>
> 60 seconds? I thought t
On 24/10/2019 14:12, Benoit Panizzon via mailop wrote:
I also considered hacking together a small 'relay' MTA which would
receive the email but not reply OK to the final DATA command (RFC
states you can take up to 60 seconds to reply to the DATA command)
60 seconds? I thought the timeout there
On 24/10/2019 14:12, Benoit Panizzon via mailop wrote:
> And I must admit, I have no real solution if you use some out of the
> stock MTA like postfix or sendmail which work on store and forward
> basis.
Exim can operate in cutthrough mode.
--
Cheers,
Jeremy
___
Hi Stefan
> So the reject generates bounces at our spamfilters. Howto handle this?
Yes, I do know this issue, as we offer a similar service.
And I must admit, I have no real solution if you use some out of the
stock MTA like postfix or sendmail which work on store and forward
basis.
I also cons
On 10/24/19 2:19 PM, Stefan Bauer via mailop wrote:
> Sometimes, customers feel clever and have another local mailfilter on
> site, that rejects mails, after we already have accepted them at
> spamfilter level.
> So the reject generates bounces at our spamfilters. Howto handle this?
_If_ your clie
On 24/10/2019 13:19, Stefan Bauer via mailop wrote:
> We are doing MX-spamfilter service for some customers and forward "clean"
> mails to customer mailservers.
>
> We are doing recipient-checks before accepting mails.
>
>
>
> Sometimes, customers feel clever and have another local mailfilter
Hi,
here is a thing, that we do not see a real solution to it and would be happy,
to get some ideas from other mailops.
We are doing MX-spamfilter service for some customers and forward "clean" mails
to customer mailservers.
We are doing recipient-checks before accepting mails.
Sometime
On 24 Oct 2019, at 11:15, Jaroslaw Rafa via mailop wrote:
> The goal of spam filtering is - in my opinion - filter the majority of spam
> messages, so that they don't clutter the user's mailbox and don't prevent
> him/her from normally using e-mail. If one or two (or even five) spam
> messages go
Hey together,
hoping there is someone from aon.at/A1 on list.
We tried to reach out to you but your postmaster@ mailbox exceeded the
quota ;)
Can someone may contact me off-list ?
Thanks a lot.
Have a nice day,
Jan-Philipp
Jan-Philipp Benecke
Deliverability Team
Fon: +49 4402 97390-16
Dnia 23.10.2019 o godz. 15:56:00 Joel M Snyder via mailop pisze:
> There are few that would argue that phishing should not be trapped
> and blocked today, but 10 years ago what we now call "whale
> phishing"---one-to-one non-commercial non-bulk messages, sometimes
> between friends---would have got
On Wed 23/Oct/2019 22:26:17 +0200 Jaroslaw Rafa via mailop wrote:
> Dnia 23.10.2019 o godz. 12:59:26 Brandon Long via mailop pisze:
>> Re Postel's Law:
>>
>> The Harmful Consequences of the Robustness
>>
>> Principle ie Postel was wrong
>>
>>
>> https://tools.ietf.org/html/draft-iab-protocol-ma
On 24/10/2019 04:56, Noel Butler via mailop wrote:
On 24/10/2019 05:16, Michael Wise via mailop wrote:
Also, trivial messages look like probes, and are probably going to be
junked.
Therein lies the problem, what if we all decided to junk everybodys
email because it looks trivial, we migh
24 matches
Mail list logo