mouss wrote:
Adam Katz a écrit :
Actually, localhost doesn't resolve via DNS;
I don't know where you're taking this from:
$ host localhost 127.0.0.1
Using domain server:
Name: 127.0.0.1
Address: 127.0.0.1#53
Aliases:
localhost.netoyen.net has address 127.0.0.1
Although I like host
I'm getting a lot of mails daily in which to from addresses are same
spamassassin is not able to stop them. I'm using spamassassin-3.2.5-1.el4.rf
CentOS4.7 with sendmail.I've increased the score to 4 frm default 5 but
stills its not catching them.
How can i make spamassassin catch these mails.
On Sat, 2009-06-06 at 02:55 -0700, chauhananshul wrote:
I'm getting a lot of mails daily in which to from addresses are same
spamassassin is not able to stop them. I'm using spamassassin-3.2.5-1.el4.rf
CentOS4.7 with sendmail.I've increased the score to 4 frm default 5 but
stills its not
Below is the mail header for one of the mail in which to from id id same
From u...@mydomain.com Sat Jun 6 12:41:57 2009
Return-Path: u...@mydomain.com
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on
mailserver1.mydomain.com
X-Spam-Level:
X-Spam-Status: No,
Hi everyone.
I have a contact form that allows visitors to send messages to me. Some
nimnod is using it to send me ads wanting me to use his Search Engine
Optimization service.
Because the form sends messages as though it is ME, the mail server
doesn't check messages received from my form
P.S. What I'm looking to do is check it for spam BEFORE sending the
message.
Thx!
Don Ireland
Don Ireland wrote:
Hi everyone.
I have a contact form that allows visitors to send messages to me.
Some nimnod is using it to send me ads wanting me to use his Search
Engine Optimization
Anshul Chauhan schrieb:
Below is the mail header for one of the mail in which to from id id same
From u...@mydomain.com mailto:u...@mydomain.com Sat Jun 6 12:41:57 2009
Return-Path: u...@mydomain.com mailto:u...@mydomain.com
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on
On Fri, 05 Jun 2009 14:05:40 -0400
Rob McEwen r...@invaluement.com wrote:
An occassional legit e-mail will have RDNS_NONE, and an occassional
legit e-mail will have RCVD_IN_PBL. But even extreme fewer legit
emails will have hits on BOTH of these. So I'd suggest scoring the
combination of the
Below is the mail header for one of the mail in which to
from id id same
From u...@mydomain.com Sat Jun 6 12:41:57 2009
Return-Path: u...@mydomain.com
mydomain.com really exists, and it is not advisable to mask one's read domain
behind it.
Use example.com, that is what it is for.
On Sat, 6 Jun 2009, Don Ireland wrote:
If I write the message/subject to a file (so that it looks like a
message without most of the headers), can I run it through SA and make
sure that it's not spam?
Certainly.
Figuring out the headers shouldn't be too difficult, and you will probably
On 05.06.09 23:55, mouss wrote:
localhost.netoyen.net has address 127.0.0.1
Actually, I think this is not good. localhost. should resolve, but putting
localhost to other domains even with 127.0.0.1 address is something that
should be imho avoided ;)
--
Matus UHLAR - fantomas, uh...@fantomas.sk
Matus UHLAR - fantomas wrote:
Actually, I think this is not good. localhost. should resolve, but
putting localhost to other domains even with 127.0.0.1 address is
something that should be imho avoided ;)
I think it is okay and normal to have localhost.$mydomain resolve to
127.0.0.1. But the
Matus UHLAR - fantomas wrote:
Actually, I think this is not good. localhost. should resolve, but
putting localhost to other domains even with 127.0.0.1 address is
something that should be imho avoided ;)
On 06.06.09 11:28, Bob Proulx wrote:
I think it is okay and normal to have
Now that the EMPTY_BODY and mis-identified spam issues have been resolved
I've countered a new one creating false positives: the rule (in
/etc/mail/spamassassin/Botnet.cf is:
describeBOTNET Relay might be a spambot or virusbot
header BOTNET
On Sat, June 6, 2009 11:55, chauhananshul wrote:
How can i make spamassassin catch these mails.
you can do this better in your mta
2 ways to solve it:
1 use postfwd with a rule that check sender equal to recipient
2 add spf to your domain, and test spf in your mta
3 take a ice :)
--
On Sat, 2009-06-06 at 10:48 -0700, Rich Shepard wrote:
Now that the EMPTY_BODY and mis-identified spam issues have been resolved
I've countered a new one creating false positives: the rule (in
/etc/mail/spamassassin/Botnet.cf is:
This is a third-party plugin, deliberately installed by you.
Different people run botnet at different score levels, depending on
what they want the rule to do. The default is 5 because 5 is the
common point where people set messages aside for review (remove them
from their regular mail stream). That's what botnet is saying about
such messages: this
Matus UHLAR - fantomas a écrit :
On 05.06.09 23:55, mouss wrote:
localhost.netoyen.net has address 127.0.0.1
oh, I didn't even realize it was the .$domain one!
old habit to avoid nslookup barking and then lusers asking what's the
problem...
Actually, I think this is not good. localhost.
On Sat, 6 Jun 2009, Don Ireland wrote:
P.S. What I'm looking to do is check it for spam BEFORE sending the
message.
I find that this kind of 'form spam' is best handled by a couple of simple
'tricks' within the form and the cgi that processes it:
1) Include a 'hidden' field (using the
On Sat, 6 Jun 2009, Karsten Br?ckelmann wrote:
This is a third-party plugin, deliberately installed by you.
Actually, it was most likely installed with the SA upgrade because I've
not made any modifications or tuning to the system. I figure that those who
set up defaults know much more than
On Sat, 6 Jun 2009, John Rudd wrote:
The thing thing to do to fix messages from given locations is lean,
heavily, upon the sender to get their sending environment fixed. What
botnet finds are sites with bad DNS (no full circle reverse DNS), or
sending hosts that look like clients instead of
On Thu, Jun 4, 2009 at 16:32, Adam Katzantis...@khopis.com wrote:
John Rudd wrote:
That seems to be an important distinction for
strict/rigorous/theoretical discussions of what is full circle
reverse DNS, and things along those lines... but I'm not sure if
it really is an important
On Sat, Jun 6, 2009 at 13:38, Rich Shepardrshep...@appl-ecosys.com wrote:
On Sat, 6 Jun 2009, John Rudd wrote:
The thing thing to do to fix messages from given locations is lean,
heavily, upon the sender to get their sending environment fixed. What
botnet finds are sites with bad DNS (no
John Rudd wrote:
I think FCrDNS stands for Forward-confirmed reverse DNS as noted at
http://en.wikipedia.org/wiki/Forward_Confirmed_reverse_DNS :-)
Every place I've seen it talked about, including past discussion on
this list, calls it Full Circle, not Forward Confirmed. Based on that
Matus UHLAR - fantomas a écrit :
Actually, I think this is not good. localhost. should resolve, but
putting localhost to other domains even with 127.0.0.1 address is
something that should be imho avoided ;)
On 06.06.09 20:39, mouss wrote:
why? if it's because of xss and the like, it
Hi,
I am trying to setup a new mail server. With postfix - dovecot ldap -
spamd. All virtual users. Over Centos 5.3 64 bits. Spamassassin version is
3.2.5 installed with yum.
This is the line in postfix's master.cf
dovecot unix - n n - 30 pipe
flags=DRhu user=vmail argv=/usr/bin/spamc -s 204800
On Thu, Jun 4, 2009 at 16:32, Adam Katzantis...@khopis.com wrote:
I think FCrDNS stands for Forward-confirmed reverse DNS as noted at
http://en.wikipedia.org/wiki/Forward_Confirmed_reverse_DNS :-)
On 06.06.09 13:39, John Rudd wrote:
Every place I've seen it talked about, including past
mouss wrote:
$ host localhost 127.0.0.1
localhost.netoyen.net has address 127.0.0.1
You forgot the trailing dot, so it tacked your own domain onto the end
of that. I'm believe localhost.$domain is not required by any specs
and is non-standard. ... That's okay, I'll just assume your DNS serves
On Sat, 2009-06-06 at 13:32 -0700, Rich Shepard wrote:
On Sat, 6 Jun 2009, Karsten Br?ckelmann wrote:
This is a third-party plugin, deliberately installed by you.
Given the previous thread I was actually wondering about the phrasing.
Anyway, make that any admin, or previous admin.
29 matches
Mail list logo