Re: buzzhost.co.uk was: Re: constantcontact.com

On Sat, 2009-07-04 at 07:29 +1000, Res wrote: > On Fri, 3 Jul 2009, Benny Pedersen wrote: > > > > > On Fri, July 3, 2009 15:13, rich...@buzzhost.co.uk wrote: > > > > folowup: > > > > v=spf1 ip4:62.233.82.168 ip4:82.70.24.238 mx ~all > > > > in dns > > > > v=spf1 ip4:62.233.82.168 ip4:82.70.24.238

Re: perms problems galore

Gene Heskett wrote: > > Ok, I'll fix that, thanks. > > >> That said, why give the saupdate user the ability to add keys at all? >> Import them as root and only give the saupdate user read access. >> > > Basically, since I run myself as root, I was trying to reduce the exposure. > All the re

Re: perms problems galore

On Friday 03 July 2009, Matt Kettler wrote: >Gene Heskett wrote: >> Greetings all; >> >> I _thought_ I had sa-update running ok, but it seemed that the >> effectiveness was stagnant, so I found the cron entry that was running >> as-update & discovered a syntax error there, which when I fixed it, >>

Re: perms problems galore

Gene Heskett wrote: > Greetings all; > > I _thought_ I had sa-update running ok, but it seemed that the effectiveness > was stagnant, so I found the cron entry that was running as-update & > discovered a syntax error there, which when I fixed it, disclosed that I had > all sorts of perms problem

perms problems galore

Greetings all; I _thought_ I had sa-update running ok, but it seemed that the effectiveness was stagnant, so I found the cron entry that was running as-update & discovered a syntax error there, which when I fixed it, disclosed that I had all sorts of perms problems that I don't seem to be able

Re: AE_MEDS35 does not more work...

Hello, In a maill which hit the score I see this: [ STDIN ]--- Spam detection software, running on the system "vserver1.tamay-dogan.net", has identified this incoming email as possible spam. The original message has been attached to thi

Re: Independence Day - Barracuda SA Rules & White List

Dave Pooser wrote: > I like Rob despite his sadly misguided politics :^) Being the 4th of July holiday, I should proudly point out that my politics are much closer to those of Washington, Madison, Jefferson, ...even that "populist" Andrew Jackson, etc... and the documents they authored, which secu

Extending XBL to all untrusted

I think it might be worth having 2 XBL tests, a high scoring test on last-external and a lower-scoring test that goes back through the untrusted headers. I understand that Spamhaus doesn't recommend this, because dynamic IP addresses can be reassigned from a spambot to another user, but I added m

Re: buzzhost.co.uk was: Re: constantcontact.com

On Fri, 3 Jul 2009, Benny Pedersen wrote: On Fri, July 3, 2009 15:13, rich...@buzzhost.co.uk wrote: folowup: v=spf1 ip4:62.233.82.168 ip4:82.70.24.238 mx ~all in dns v=spf1 ip4:62.233.82.168 ip4:82.70.24.238 mx ~all localhost. IN TXT "v=spf1 a -all" mail1.buzzhost.co.uk. IN TXT "v=spf1 a -

Re: Independence Day - Barracuda SA Rules & White List

I'm no great fan of Barracuda, but is publishing proprietary information from companies who wish to keep their data public really within the purpose of the list? I'm not comparing Rob McEwen to Barracuda -- for one thing, I think Rob has a far better understanding of spamfighting, and for another I

Independence Day - Barracuda SA Rules & White List

These links are provided in the spirit of Barracuda Networks 'Let's just help ourselves to the work of others' as an Independence Day 'Liberate The Rules' gift. It's not all of them - but the bulk of them. The full 'static' whitelist is also provided. These may be of interest to other SpamAssassin

RE: Freelotto.com

> > If you've got any proof of spam from any BSP_TRUSTED IP, > please report it to senderscorecertified@abuse.net or via > the web form at http://www.returnpath.net/support/ and our > compliance team will take appropriate action. Thanks! > > -- > J.D. Falk > Return Path Inc shouldnt y

RE: constantcontact.com

On Fri, 2009-07-03 at 10:14 -0700, John Hardin wrote: > On Fri, 3 Jul 2009, Randal, Phil wrote: > > > From http://www.constantcontact.com/pricing/index.jsp , they say: > > > > "Monthly fee is based on the number of contacts in your email list" > > > > There's an immediate conflict of interest - i

Re: good Spamassassin Summary report

On Fri, 2009-07-03 at 12:45 -0400, Daniel Schaefer wrote: > Cool. Having it as part of the Logwatch report would be just fine with > me. I have created a short logwatch script to count and show me a > running total of each spam score number, but your script I'm sure is a > lot better than mine.

Re: good Spamassassin Summary report

On Fri, 3 Jul 2009, Daniel Schaefer wrote: I guess there's one thing missing. I can't enter a date range...(today, yesterday, etc). grep the desired date range out to a temporary log file copy and run the analyzer against that. > http://www.rulesemporium.com/programs/sa-stats.txt -- Jo

RE: constantcontact.com

On Fri, 3 Jul 2009, Randal, Phil wrote: From http://www.constantcontact.com/pricing/index.jsp , they say: "Monthly fee is based on the number of contacts in your email list" There's an immediate conflict of interest - if they want to keep their income high, they're going to encourage customer

Re: good Spamassassin Summary report

Cool. Having it as part of the Logwatch report would be just fine with me. I have created a short logwatch script to count and show me a running total of each spam score number, but your script I'm sure is a lot better than mine. Would you be willing to release yours to the open source communit

Re: good Spamassassin Summary report

On Fri, 2009-07-03 at 12:03 -0400, Daniel Schaefer wrote: > If you have found something similar to this, good. If you have created > your own script to do this, better. If Spamassassin has this script > created already and I missed it, even better. > I wrote my own but it is somewhat specialized

Re: good Spamassassin Summary report

I guess there's one thing missing. I can't enter a date range...(today, yesterday, etc). Dan Schaefer Application Developer Performance Administration Corp. Daniel Schaefer wrote: Yes, actually it is exactly what I'm looking for. I saw another sa-stats script that only showed the %'s for HAM

Re: constantcontact.com

On Fri, 2009-07-03 at 18:27 +0200, Jonas Eckerman wrote: > rich...@buzzhost.co.uk wrote: > > >> (You do know what "legacy" means, right?) > > > Sure - do you? If it's left in the core code because the URI never > > listed CC in the past that makes it legacy to me. If we consider that > > argument

Re: constantcontact.com

rich...@buzzhost.co.uk wrote: (You do know what "legacy" means, right?) Sure - do you? If it's left in the core code because the URI never listed CC in the past that makes it legacy to me. If we consider that argument now that cc *is* listed by urbl then the legacy argument that was used, is

Re: good Spamassassin Summary report

Yes, actually it is exactly what I'm looking for. I saw another sa-stats script that only showed the %'s for HAM and SPAM and the average score and what not. Thank you sir for sending me this. Dan Schaefer Application Developer Performance Administration Corp. Rick Macdougall wrote: Daniel

Re: good Spamassassin Summary report

Daniel Schaefer wrote: I have searched far and wide for a good Spamassassin report using numerous keywords in Google searches, but I can't find the one that fits my needs. I am looking for a script that can be run via cron job on a daily basis. I would pass the script the location of the mail l

good Spamassassin Summary report

I have searched far and wide for a good Spamassassin report using numerous keywords in Google searches, but I can't find the one that fits my needs. I am looking for a script that can be run via cron job on a daily basis. I would pass the script the location of the mail log. The output will sho

Re: constantcontact.com

On Fri, 2009-07-03 at 17:31 +0200, Benny Pedersen wrote: > On Fri, July 3, 2009 17:23, rich...@buzzhost.co.uk wrote: > > On Fri, 2009-07-03 at 16:54 +0200, Benny Pedersen wrote: > >> On Fri, July 3, 2009 16:31, rich...@buzzhost.co.uk wrote: > >> > On Fri, 2009-07-03 at 15:53 +0200, Benny Pedersen w

Re: constantcontact.com

On Fri, July 3, 2009 17:23, rich...@buzzhost.co.uk wrote: > On Fri, 2009-07-03 at 16:54 +0200, Benny Pedersen wrote: >> On Fri, July 3, 2009 16:31, rich...@buzzhost.co.uk wrote: >> > On Fri, 2009-07-03 at 15:53 +0200, Benny Pedersen wrote: >> >> On Fri, July 3, 2009 15:13, rich...@buzzhost.co.uk w

Re: constantcontact.com

On Fri, 2009-07-03 at 16:54 +0200, Benny Pedersen wrote: > On Fri, July 3, 2009 16:31, rich...@buzzhost.co.uk wrote: > > On Fri, 2009-07-03 at 15:53 +0200, Benny Pedersen wrote: > >> On Fri, July 3, 2009 15:13, rich...@buzzhost.co.uk wrote: > >> > >> folowup: > >> > >> v=spf1 ip4:62.233.82.168 ip4:

Re: constantcontact.com

On Fri, Jul 3, 2009 at 10:15 AM, Michael Grant wrote: > In defense of Constant Contact, they are in the business of sending > out mailings for people, they are not themselves spammers.  They > perform a service and they do it as best they can given the > circumstances in which they work. > arms de

Re: constantcontact.com

On Fri, July 3, 2009 16:31, rich...@buzzhost.co.uk wrote: > On Fri, 2009-07-03 at 15:53 +0200, Benny Pedersen wrote: >> On Fri, July 3, 2009 15:13, rich...@buzzhost.co.uk wrote: >> >> folowup: >> >> v=spf1 ip4:62.233.82.168 ip4:82.70.24.238 mx ~all >> >> in dns >> >> v=spf1 ip4:62.233.82.168 ip4:8

Re: constantcontact.com

On Fri, 2009-07-03 at 15:53 +0200, Benny Pedersen wrote: > On Fri, July 3, 2009 15:13, rich...@buzzhost.co.uk wrote: > > folowup: > > v=spf1 ip4:62.233.82.168 ip4:82.70.24.238 mx ~all > > in dns > > v=spf1 ip4:62.233.82.168 ip4:82.70.24.238 mx ~all > localhost. IN TXT "v=spf1 a -all" > mail1.bu

Re: constantcontact.com

In defense of Constant Contact, they are in the business of sending out mailings for people, they are not themselves spammers. They perform a service and they do it as best they can given the circumstances in which they work. I have used them to send out mail to mailing lists of a non-profit orga

buzzhost.co.uk was: Re: constantcontact.com

On Fri, July 3, 2009 15:13, rich...@buzzhost.co.uk wrote: folowup: v=spf1 ip4:62.233.82.168 ip4:82.70.24.238 mx ~all in dns v=spf1 ip4:62.233.82.168 ip4:82.70.24.238 mx ~all localhost. IN TXT "v=spf1 a -all" mail1.buzzhost.co.uk. IN TXT "v=spf1 a -all" mail2.buzzhost.co.uk. IN TXT "v=spf1 a -a

Re: constantcontact.com

On Fri, 2009-07-03 at 14:54 +0200, Jonas Eckerman wrote: > rich...@buzzhost.co.uk wrote: > > >> m...@haven:~$ host constantcontact.com.multi.uribl.com > >> constantcontact.com.multi.uribl.com A 127.0.0.4 > >> m...@haven:~$ > > > Oh Dear - that kind of rains on the parade of the 'legacy'

[Fwd: Re: constantcontact.com]

Original Message Subject: Re: constantcontact.com From:"rich...@buzzhost.co.uk" Date:Fri, July 3, 2009 15:04 To: "Benny Pedersen" -

Re: constantcontact.com

rich...@buzzhost.co.uk wrote: m...@haven:~$ host constantcontact.com.multi.uribl.com constantcontact.com.multi.uribl.com A 127.0.0.4 m...@haven:~$ Oh Dear - that kind of rains on the parade of the 'legacy' argument and puts the ball into the SA court. Actually, it gives strength t

Re: constantcontact.com

On Fri, July 3, 2009 12:26, Mike Cardwell wrote: > m...@haven:~$ host constantcontact.com.multi.uribl.com > constantcontact.com.multi.uribl.com A 127.0.0.4 > m...@haven:~$ skib in sa forbid it to hit, silly :) -- xpoint

Re: constantcontact.com

rich...@buzzhost.co.uk wrote: Should that be Hi$torical Rea$ons ? If there was a monetary reason (aka bribe), I'd think CC would have been whitelisted. As it is, CC is *not* whitelisted in SA. At least not according to your own posts. What you have noted is that CC is *skipped* by *one* (1

Re: constantcontact.com

On Fri, July 3, 2009 10:14, rich...@buzzhost.co.uk wrote: > Constant contact will tell you they are opt-in. That is B/S. > The are using a honeypot address used only in usenet post from around 2 > years ago. It is always bounced with a 550, but still they keep > knocking. v=spf1 ptr dom=buzzhost

Re: AE_MEDS35 does not more work...

On Thu, July 2, 2009 23:54, Michelle Konzack wrote: > Coming home for some minutes I saw, I am hit by 23.000 spams in my inbox > from today... use postfwd ? RCVD_IN_NJABL_PROXY < hits and can be tested in mta 23000 spams in home mailbox/mta is to much to just say i dont care :) -- xpoint

Re: constantcontact.com

grey.uribl.com - This lists contains domains found in UBE/UCE, and possibly honour opt-out requests. It may include ESPs which allow customers to import their recipient lists and may have no control over the subscription methods. This list can and probably will cause False Positives depe

Re: constantcontact.com

Le 03/07/2009 12:19, Justin Mason a écrit : Going by bug 5905 though, and this report, we should probably remove it from the whitelist. Is there any *clean* way (i.e. something that could be put in local.cf or equivalent in order to override files updated by sa-update) for users to remove thi

Re: constantcontact.com

On Fri, 2009-07-03 at 06:41 -0400, Aaron Wolfe wrote: > On Fri, Jul 3, 2009 at 6:26 AM, Mike > Cardwell wrote: > > Aaron Wolfe wrote: > > > >> I think the point was that the URIBL's are never going to be listing > >> these domains, so why waste time looking them up > > > > m...@haven:~$ host consta

Re: constantcontact.com

On Fri, Jul 3, 2009 at 6:26 AM, Mike Cardwell wrote: > Aaron Wolfe wrote: > >> I think the point was that the URIBL's are never going to be listing >> these domains, so why waste time looking them up > > m...@haven:~$ host constantcontact.com.multi.uribl.com > constantcontact.com.multi.uribl.com  

Re: constantcontact.com

On 7/3/2009 12:32 PM, rich...@buzzhost.co.uk wrote: On Fri, 2009-07-03 at 11:26 +0100, Mike Cardwell wrote: Aaron Wolfe wrote: I think the point was that the URIBL's are never going to be listing these domains, so why waste time looking them up m...@haven:~$ host constantcontact.com.multi.uri

Re: constantcontact.com

On Fri, 2009-07-03 at 11:26 +0100, Mike Cardwell wrote: > Aaron Wolfe wrote: > > > I think the point was that the URIBL's are never going to be listing > > these domains, so why waste time looking them up > > m...@haven:~$ host constantcontact.com.multi.uribl.com > constantcontact.com.multi.uribl

Re: constantcontact.com

On 7/3/2009 12:19 PM, Justin Mason wrote: On Fri, Jul 3, 2009 at 10:14, rich...@buzzhost.co.uk wrote: On Fri, 2009-07-03 at 10:06 +0100, Justin Mason wrote: I've heard that they are diligent about terminating abusive clients. Are you reporting these spams to them? Yes - but you would thing a

Re: constantcontact.com

On Fri, 2009-07-03 at 11:19 +0100, Justin Mason wrote: > On Fri, Jul 3, 2009 at 10:14, > rich...@buzzhost.co.uk wrote: > > On Fri, 2009-07-03 at 10:06 +0100, Justin Mason wrote: > >> I've heard that they are diligent about terminating abusive clients. > >> Are you reporting these spams to them? > >

Re: constantcontact.com

Aaron Wolfe wrote: I think the point was that the URIBL's are never going to be listing these domains, so why waste time looking them up m...@haven:~$ host constantcontact.com.multi.uribl.com constantcontact.com.multi.uribl.com A 127.0.0.4 m...@haven:~$ -- Mike Cardwell - IT Consult

RE: constantcontact.com

Aaron Wolfe wrote: > On Fri, Jul 3, 2009 at 5:06 AM, Justin Mason wrote: >> I've heard that they are diligent about terminating abusive clients. >> Are you reporting these spams to them? >> >> --j. >> > > From what I've seen, most of the traffic from them probably doesn't > qualify as spam by t

Re: constantcontact.com

On 7/3/2009 12:11 PM, rich...@buzzhost.co.uk wrote: On Fri, 2009-07-03 at 12:06 +0200, Yet Another Ninja wrote: On 7/3/2009 11:14 AM, rich...@buzzhost.co.uk wrote: On Fri, 2009-07-03 at 10:06 +0100, Justin Mason wrote: I've heard that they are diligent about terminating abusive clients. Are yo

Re: constantcontact.com

On Fri, Jul 3, 2009 at 6:11 AM, rich...@buzzhost.co.uk wrote: > On Fri, 2009-07-03 at 12:06 +0200, Yet Another Ninja wrote: >> On 7/3/2009 11:14 AM, rich...@buzzhost.co.uk wrote: >> > On Fri, 2009-07-03 at 10:06 +0100, Justin Mason wrote: >> >> I've heard that they are diligent about terminating ab

Re: constantcontact.com

On Fri, Jul 3, 2009 at 10:14, rich...@buzzhost.co.uk wrote: > On Fri, 2009-07-03 at 10:06 +0100, Justin Mason wrote: >> I've heard that they are diligent about terminating abusive clients. >> Are you reporting these spams to them? >> > Yes - but you would thing a log full of 550's may be a clue. >

Re: constantcontact.com

On Fri, 2009-07-03 at 12:06 +0200, Yet Another Ninja wrote: > On 7/3/2009 11:14 AM, rich...@buzzhost.co.uk wrote: > > On Fri, 2009-07-03 at 10:06 +0100, Justin Mason wrote: > >> I've heard that they are diligent about terminating abusive clients. > >> Are you reporting these spams to them? > >> > >

Re: constantcontact.com

On 7/3/2009 11:14 AM, rich...@buzzhost.co.uk wrote: On Fri, 2009-07-03 at 10:06 +0100, Justin Mason wrote: I've heard that they are diligent about terminating abusive clients. Are you reporting these spams to them? Yes - but you would thing a log full of 550's may be a clue. What concerns me

Re: AE_MEDS35 does not more work...

Paweł Tęcza pisze: > Hello, > > $ wget > http://devel.debian.tamay-dogan.net/tmp/spamassassin/non_working_sa.00.msg > ... > $ wget > http://devel.debian.tamay-dogan.net/tmp/spamassassin/non_working_sa.11.msg > > $ spamassassin -D < non_working_sa.00.msg > non_working_sa.00.log 2>&1 > ... > $ spam

Re: Can update from sought.rules.yerp.org as I get SHA1 verification failed

it seems to have resolved itself. : 26...; wget http://yerp.org/rules/stage/320790737.tar.gz.sha1; wget http://yerp.org/rules/stage/320790737.tar.gz --2009-07-03 09:59:56-- http://yerp.org/rules/stage/320790737.tar.gz.sha1 Resolving yerp.org... 216.180.243.10 Connecting to yerp.org|216.180.243.10

Re: constantcontact.com

On Fri, 2009-07-03 at 05:16 -0400, Aaron Wolfe wrote: > >From what I've seen, most of the traffic from them probably doesn't > qualify as spam by the common definition. It is, however, stuff that > nobody here wants. I think we are all to generous in what we consider to be 'spam' -v- 'ham'. If

Re: AE_MEDS35 does not more work...

Michelle Konzack pisze: > Am 2009-07-02 15:18:16, schrieb John Hardin: >> Can you post the original raw message to a pastebin, please? > > I am on GSM (O2) and not able to upload to > (I can view contents abut not upload) > > I will try to upload it to > >

Re: Can update from sought.rules.yerp.org as I get SHA1 verification failed

yep, seeing that here too. Investigating... On Fri, Jul 3, 2009 at 08:42, Brent Clark wrote: > Hiya > > Im having a little problem with updating. > > [13860] dbg: plugin: Mail::SpamAssassin::Plugin::MIMEHeader=HASH(0x9ccb9c0) > implements 'finish_tests', priority 0 > [13860] dbg: plugin: Mail::Sp

Re: constantcontact.com

On Fri, 2009-07-03 at 05:16 -0400, Aaron Wolfe wrote: > On Fri, Jul 3, 2009 at 5:06 AM, Justin Mason wrote: > > I've heard that they are diligent about terminating abusive clients. > > Are you reporting these spams to them? > > > > --j. > > > > >From what I've seen, most of the traffic from them p

Re: constantcontact.com

On Fri, Jul 3, 2009 at 5:06 AM, Justin Mason wrote: > I've heard that they are diligent about terminating abusive clients. > Are you reporting these spams to them? > > --j. > >From what I've seen, most of the traffic from them probably doesn't qualify as spam by the common definition. It is, howe

Re: constantcontact.com

On Fri, 2009-07-03 at 10:06 +0100, Justin Mason wrote: > I've heard that they are diligent about terminating abusive clients. > Are you reporting these spams to them? > Yes - but you would thing a log full of 550's may be a clue. What concerns me is SpamAssassin effectively white listing spammers

Re: AE_MEDS35 does not more work...

Am 2009-07-02 15:18:16, schrieb John Hardin: > Can you post the original raw message to a pastebin, please? I am on GSM (O2) and not able to upload to (I can view contents abut not upload) I will try to upload it to Thanks, Greetings and

Re: constantcontact.com

I've heard that they are diligent about terminating abusive clients. Are you reporting these spams to them? --j. On Fri, Jul 3, 2009 at 09:55, Mike Cardwell wrote: > rich...@buzzhost.co.uk wrote: > >> I'm probably missing something here - but Constant Contact (who we block >> by IP) have been a n

Re: constantcontact.com

rich...@buzzhost.co.uk ha scritto: On Fri, 2009-07-03 at 03:50 -0400, Aaron Wolfe wrote: On Fri, Jul 3, 2009 at 2:39 AM, rich...@buzzhost.co.uk wrote: I'm probably missing something here - but Constant Contact (who we block by IP) have been a nagging source of spam for us. I'm just wond

Re: constantcontact.com

rich...@buzzhost.co.uk wrote: I'm probably missing something here - but Constant Contact (who we block by IP) have been a nagging source of spam for us. I'm just wondering why 25_uribl.cf has this line in it: ## DOMAINS TO SKIP (KNOWN GOOD) # Don't bother looking for example domains as per RFC

RE: Freelotto.com

Lol, This might seem wrong but I don't want to, I want every single bit of load I can get on my mail server! Makes testing configurations easier when there is actually traffic going through it. So I couldn't say if the unsubscribe process works as i've never tried it. -Original Message- F

Re: constantcontact.com

On Fri, 2009-07-03 at 03:50 -0400, Aaron Wolfe wrote: > On Fri, Jul 3, 2009 at 2:39 AM, > rich...@buzzhost.co.uk wrote: > > I'm probably missing something here - but Constant Contact (who we block > > by IP) have been a nagging source of spam for us. I'm just wondering why > > Could you share your

Re: constantcontact.com

On Fri, Jul 3, 2009 at 2:39 AM, rich...@buzzhost.co.uk wrote: > I'm probably missing something here - but Constant Contact (who we block > by IP) have been a nagging source of spam for us. I'm just wondering why Could you share your IP list? I'd like to block these clowns too (and I'm lazy). >

Can update from sought.rules.yerp.org as I get SHA1 verification failed

Hiya Im having a little problem with updating. [13860] dbg: plugin: Mail::SpamAssassin::Plugin::MIMEHeader=HASH(0x9ccb9c0) implements 'finish_tests', priority 0 [13860] dbg: plugin: Mail::SpamAssassin::Plugin::Check=HASH(0x9e46fe8) implements 'finish_tests', priority 0 [13860] dbg: generic: l

Re: Freelotto.com

On 03.07.09 09:11, Cory Hawkless wrote: > I get mail from this domain on my Junk email user but i had to subscribe, > However my SA\Amavis install seems to be hitting most of these recently did you manage to unsubscribe? > On 02.07.09 08:36, Kasper Sacharias Eenberg wrote: > > Is this site spammi