Dear all'
in a day i get spam with url from blogspot
i ' create my rulte
uri BLOGSPOT_01 m;http://[a-z]{8,}\d{5,}\.blogspot\.com/$;
describe BLOGSPOT_01 Throwaway blogspot domain
scoreBLOGSPOT_01 6.0
why this rule don't effective tu blog this spam
regards,
Md Rivai
etc'
Le Wed, 20 Feb 2008 14:40:30 -0800,
SM [EMAIL PROTECTED] a écrit :
At 13:51 20-02-2008, Emmanuel Lesouef wrote:
http://pastebin.com/m61564e4
The message hits RDNS_NONE, HTML_MESSAGE, URIBL_WS_SURBL,
URIBL_JP_SURBL, URIBL_OB_SURBL, URIBL_SC_SURBL, URIBL_BLACK,
URIBL_RHS_DOB. The total
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michael Scheidell schrieb:
| Postini uses it for their clients.
|
| They set up 4 'real' mx records (priority 100,200,300,400) that point to
| real postini servers. They set up priority 500 that points to the
| (firewalled) smtp server of the
Le Thu, 21 Feb 2008 00:57:55 +0100,
Karsten Bräckelmann [EMAIL PROTECTED] a écrit :
On Wed, 2008-02-20 at 14:40 -0800, SM wrote:
At 13:51 20-02-2008, Emmanuel Lesouef wrote:
http://pastebin.com/m61564e4
That's not a default SA header. X-Spam-Checker-Version is missing, and
that
I remember there was a period of time when dozens of URI delist
requests were submitted all together without any detail. Could that
have been the case with your reports?
Theo Van Dinter wrote:
FWIW, I used to report FP domains to URIBL daily until I was told to
stop because there were too
From: Theo Van Dinter [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 20, 2008 8:08 PM
To: users@spamassassin.apache.org
Subject: Re: URIBL
On Wed, Feb 20, 2008 at 06:52:14PM +, Nigel Frankcom wrote:
Anyway I heard talking about URIBL, which as I have understod is a
quite
I have been running this rule for a day now, and am trapping the spams with
rules 1 and 2.
Curiously I have now starting picking these up on Bayes as well.
Thanks for your help, and to everyone who responded.
Kris Deugau wrote:
# Nice girl wants to send pics, but only if you email the
Anyway I heard talking about URIBL, which as I have understod is a
quite different service (it blacklists 'domains' rather
'IPs'). But is
it maybe a dangerous practice to fight spam? Anyway, does anyone
suggest me to use URIBL?
Are you looking for a PRE QUEUE blacklist? Or a way to
Robert - elists-2 wrote:
Good question. Tough one without debugging your machine personally.
Did you do any web searching for this?
Have you considered upgrading to current SA 3.2.4 ?
- rh
Yes, I have been finding any info relative to this, but I can't found
nothing. It's
Hi John,
Looks like yo replied directly to me. I couldn't find your reply on the
list yet?
At any rate...
The Bayes DB has been learned and in effect for a long time - years before
my time.
No ID's have changed or the config that has caused this error.
I add users to the whitelist - and use
mdrivai wrote:
Dear all'
in a day i get spam with url from blogspot
i ' create my rulte
uri BLOGSPOT_01 m;http://[a-z]{8,}\d{5,}\.blogspot\.com/$;
describe BLOGSPOT_01 Throwaway blogspot domain
scoreBLOGSPOT_01 6.0
why this rule don't effective tu blog this spam
\d{5,}
comparity wrote:
Do you use sa-update?
No I don't. However, I have just run it. restarted spamassassin
(service spamassassin restart), and I'll see what happens.
Hi comparity,
has you could fix the problem updating SA?
--
View this message in context:
Hi, Scott, I'll give you my two cents here
2008/2/20, [EMAIL PROTECTED]
[EMAIL PROTECTED]:
Hi John,
Looks like yo replied directly to me. I couldn't find your reply on the
list yet?
At any rate...
The Bayes DB has been learned and in effect for a long time - years before
my time.
No
HI, Rocco
2008/2/21, Rocco Scappatura [EMAIL PROTECTED]:
Anyway I heard talking about URIBL, which as I have understod is a
quite different service (it blacklists 'domains' rather
'IPs'). But is
it maybe a dangerous practice to fight spam? Anyway, does anyone
suggest me to use
spamis wrote:
comparity wrote:
Do you use sa-update?
No I don't. However, I have just run it. restarted spamassassin
(service spamassassin restart), and I'll see what happens.
Hi comparity,
has you could fix the problem updating SA?
No, not as far as I can
Quoting ploppy [EMAIL PROTECTED]:
i enabled SA on one of my accounts and since disabling, no mails for that
account are being received. i did tail -f /var/log/exim_mainlog and they are
showing as completed, but they are not being delivered. they are not even in
th mail que. i am using exim
Hi to all members here, I'm a new member and would like to ask help on how to
install SpamAssassin? Aside from working with an email server, will this
work with Webmails like gmail, yahoo, or msn?
thanks you in advance
--
View this message in context:
i enabled SA on one of my accounts and since disabling, no mails for that
account are being received. i did tail -f /var/log/exim_mainlog and they are
showing as completed, but they are not being delivered. they are not even in
th mail que. i am using exim 4.63 and didn't have this problem until
I was watching my maillog this morning, trying to spot something else
that wasn't quite working right when I noticed a bunch of errors similar
to the following:
Feb 19 11:09:26 rivendell spamd[987]: Subroutine
DEAR_SOMETHING_one_line_body_te
st redefined at
Hello list.
Does the bayes system use a separate db for the autolearn mode?
Today I noticed that my SA bayes has 50 spam and 45 ham mails learned,
when I thought the db had a lot more, because bayes IS being used.
# sa-learn --dump magic
0.000 0 3 0 non-token
On Thu, 2008-02-21 at 10:14 +0100, Emmanuel Lesouef wrote:
Le Thu, 21 Feb 2008 00:57:55 +0100,
Karsten Bräckelmann [EMAIL PROTECTED] a écrit :
At 13:51 20-02-2008, Emmanuel Lesouef wrote:
http://pastebin.com/m61564e4
That's not a default SA header. X-Spam-Checker-Version is missing,
Hola, Diego
2008/2/21, Diego Pomatta [EMAIL PROTECTED]:
Hello list.
Does the bayes system use a separate db for the autolearn mode?
Today I noticed that my SA bayes has 50 spam and 45 ham mails learned,
when I thought the db had a lot more, because bayes IS being used.
# sa-learn
Quoting Rocco Scappatura [EMAIL PROTECTED]:
I have looked at the SURBL site. If I have well understood I have to
enable only the plugin with loadPlugin.
Then I have to use the command 'urirhssub' of the plugin URIDNSBL to
specify that I want to use SURBLs:
urirhssub URIBL_JP_SURBL
Marc Perkel wrote:
Michael Scheidell wrote:
Didn't qmail have a problem if it hit a 'dead' primary mx server first?
Qmail has a problem if it gets a 421 on the lowest MX. But if the
lowest MX is totally dead Qmail is fine with it.
We issue tcp-reset via iptables and have never heard
HI, Rocco
Hi Luis,
I don't know what you mean for 'PRE QUEUE blacklist'..
Anyway I would
like to help SpamAssassin in scoring emails..
He means a blacklist which runs IN the MTA, not at SA level,
when the MTA has accepted the message. It rejects spammers as
they connect, mostly
On Thu, Feb 21, 2008 at 09:57:17AM +0100, Rocco Scappatura wrote:
I have looked at the SURBL site. If I have well understood I have to
enable only the plugin with loadPlugin.
... and it's enabled by default, so you should be all set. :)
Then I have to use the command 'urirhssub' of the plugin
Quoting Rocco Scappatura [EMAIL PROTECTED]:
I have looked at the SURBL site. If I have well understood
I have to
enable only the plugin with loadPlugin.
Then I have to use the command 'urirhssub' of the plugin
URIDNSBL to
specify that I want to use SURBLs:
urirhssub
Richard Frovarp wrote:
We issue tcp-reset via iptables and have never heard of any problems.
Doing this also makes connecting servers fail out quickest, instead of
waiting to timeout.
Interesting. How do you do that?
I am currently running SpamAssassin 3.1.9 and MIMEDefang 2.6.3. I recently
attempted an upgrade of SpamAssassin to the latest version (3.2.4) and in a
matter of about 15 minutes, the load average on the server skyrocketed to
over 20 and continued to grow. The output of the top command showed
Luis Hernán Otegui escribió:
Hola, Diego
2008/2/21, Diego Pomatta [EMAIL PROTECTED]:
Hello list.
Does the bayes system use a separate db for the autolearn mode?
Today I noticed that my SA bayes has 50 spam and 45 ham mails learned,
when I thought the db had a lot more, because bayes IS
Marc Perkel wrote:
Richard Frovarp wrote:
We issue tcp-reset via iptables and have never heard of any problems.
Doing this also makes connecting servers fail out quickest, instead
of waiting to timeout.
Interesting. How do you do that?
-A ports_deny -d de.st.i.p -p tcp -m tcp --dport 25
On Wed, 20 Feb 2008, Aaron Wolfe wrote:
Quotes from this thread (and the nolisting site which was posted as a
response):
Michael Scheidell - Do NOT use a bogus mx as your lowest priority.
Bowie Bailey - I would say that it is too risky to put a non-smtp
host as your primary
MX
David B Funk wrote:
On Wed, 20 Feb 2008, Aaron Wolfe wrote:
Quotes from this thread (and the nolisting site which was posted as a
response):
Michael Scheidell - Do NOT use a bogus mx as your lowest priority.
Bowie Bailey - I would say that it is too risky to put a non-smtp
host as
Mark Johnson wrote:
Marc Perkel wrote:
Because there is occasionally some server doing something very weird
you might have to open up port 25 one some specific IP who is running
something really dumb. I think I've had to do this only once or
twice. But once you open up port 25 to the
Marc Perkel wrote:
I'm using Exim and I have it listening on several IP addresses. If you
aren't using Exim then you'll have to get someone to help you.
defercondition = ${if match{$interface_address}{69.50.231.160}}
You could just point it to a dead IP address which is the simple way
Mark Johnson wrote:
Marc Perkel wrote:
I'm using Exim and I have it listening on several IP addresses. If
you aren't using Exim then you'll have to get someone to help you.
defercondition = ${if match{$interface_address}{69.50.231.160}}
You could just point it to a dead IP address
Marc Perkel wrote:
Because there is occasionally some server doing something very weird you
might have to open up port 25 one some specific IP who is running
something really dumb. I think I've had to do this only once or twice.
But once you open up port 25 to the problem user you solved
What's everyone's opinion on something like:
defermx.domain.com
bogusmx.domain.com
provide this hosted (i.e. I'm thinking of offering), but instead of ONLY
log it somehow feed / create a blacklist based on this?
I'm not as familiar with blacklists as many of you, but the network /
smtp /
Hi!
provide this hosted (i.e. I'm thinking of offering), but instead of ONLY
log it somehow feed / create a blacklist based on this?
I'm not as familiar with blacklists as many of you, but the network /
smtp / logging side of this is easy for me to implement.
I'm thinking make this a very
On Thu, 2008-02-21 at 21:58 +0100, Raymond Dijkxhoorn wrote:
Hi!
provide this hosted (i.e. I'm thinking of offering), but instead of ONLY
log it somehow feed / create a blacklist based on this?
I'm not as familiar with blacklists as many of you, but the network /
smtp / logging side
Steve Radich wrote:
What's everyone's opinion on something like:
defermx.domain.com
bogusmx.domain.com
provide this hosted (i.e. I'm thinking of offering), but instead of ONLY
log it somehow feed / create a blacklist based on this?
I'm not as familiar with blacklists as many of you, but the
-Original Message-
From: jeco [mailto:[EMAIL PROTECTED]
Sent: Friday, 22 February 2008 1:55 a.m.
To: users@spamassassin.apache.org
Subject: Installation on SpamAssassin
Hi to all members here, I'm a new member and would like to ask help on
how
to
install SpamAssassin? Aside
Hi!
defermx.domain.com
bogusmx.domain.com
provide this hosted (i.e. I'm thinking of offering), but instead of ONLY
log it somehow feed / create a blacklist based on this?
I'm not as familiar with blacklists as many of you, but the network /
smtp / logging side of this is easy for me to
Nigel Frankcom wrote:
Some stick a donate option on their sites, which I suspect is rarely
used. Others don't even do that.
I'm betting that URIBL is closing in on enough donations (via the PayPal
button) to buy 128MB of SDRAM soon! I know they were getting close. :)
I must admit to being
Marc Perkel wrote:
David B Funk wrote:
On Wed, 20 Feb 2008, Aaron Wolfe wrote:
Quotes from this thread (and the nolisting site which was posted as a
response):
Michael Scheidell - Do NOT use a bogus mx as your lowest priority.
Bowie Bailey - I would say that it is too risky to put a
McDonald, Dan wrote:
On Thu, 2008-02-21 at 21:58 +0100, Raymond Dijkxhoorn wrote:
Hi!
provide this hosted (i.e. I'm thinking of offering), but instead of ONLY
log it somehow feed / create a blacklist based on this?
I'm not as familiar with blacklists as many of you, but the network /
I guess just customers who want a fall back in case postini goes down.
host -t mx hormel.com
hormel.com mail is handled by 100 hormel.com.mail5.psmtp.com.
hormel.com mail is handled by 200 hormel.com.mail6.psmtp.com.
hormel.com mail is handled by 300 hormel.com.mail7.psmtp.com.
hormel.com mail
Sorry; apparently I was unclear.
MX records I'm saying as follows:
100 - Real
200 - Real perhaps, as many real as you want
300 - Bogus - one that blocks port 25 with tcp reset for example
400 - accept port, logs ip - blacklist (not to be scored
aggressively at all)
Steve Radich wrote:
Sorry; apparently I was unclear.
MX records I'm saying as follows:
100 - Real
200 - Real perhaps, as many real as you want
300 - Bogus - one that blocks port 25 with tcp reset for example
400 - accept port, logs ip - blacklist (not to be
On Thu, Feb 21, 2008 at 11:47 PM, Marc Perkel [EMAIL PROTECTED] wrote:
Steve Radich wrote:
Sorry; apparently I was unclear.
MX records I'm saying as follows:
100 - Real
200 - Real perhaps, as many real as you want
300 - Bogus - one that blocks port 25 with
ok, thanks for the reply Mike, I'll try to explore the link you've given and
learn first the basics. Sorry, because I'm just a newbie with this Anti Spam
and would like to know more about it.
Thanks and good day
Michael Hutchinson-3 wrote:
-Original Message-
From: jeco
51 matches
Mail list logo