Re: localhost spamc[5898]: connect to spamd on ::1 failed, retrying (#1 of 3): Connection refused

2016-10-17 Thread Benny Pedersen
glibc have default ipv6 before ipv4, so your error is just that spamd binds to 127.0.0.1 and spamc use localhost with is ipv6 first, got it ? to solve it is naerly a faq On October 18, 2016 5:04:12 AM Chris wrote: It goes on in my syslog to say Oct 17 12:45:18

localhost spamc[5898]: connect to spamd on ::1 failed, retrying (#1 of 3): Connection refused

2016-10-17 Thread Chris
It goes on in my syslog to say Oct 17 12:45:18 localhost spamc[5898]: connect to spamd on ::1 failed, retrying (#1 of 3): Connection refused Oct 17 12:45:18 localhost spamd[3255]: spamd: connection from localhost [127.0.0.1]:36312 to port 783, fd 5 This just started this afternoon at 12:45. It

Re: The real spoofing issue (was Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless)

2016-10-17 Thread Dianne Skoll
On Mon, 17 Oct 2016 19:11:29 -0400 Ruga wrote: > rfc 822 (the actual standard): Which as I mentioned is obsolete, but I'll play with you... > authentic = "From" ":" mailbox ; Single author / ... > mailbox = addr-spec ; simple address / phrase route-addr > addr-spec =

Re: The real spoofing issue (was Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless)

2016-10-17 Thread Dianne Skoll
On October 17, 2016 7:11:29 PM EDT, Ruga wrote: >rfc 822 (the actual standard): Are you serious? RFC 822 is decades obsolete, long since superseded by 2822 and then by 5322. Regards, Dianne.

Re: The real spoofing issue (was Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless)

2016-10-17 Thread Paul Stead
On 17/10/16 23:52, Ruga wrote: https://tools.ietf.org/html/rfc5322#section-3.6.2 from= "From:" mailbox-list CRLF ... https://tools.ietf.org/html/rfc5322#section-3.4 ... ---8<--- mailbox = name-addr / addr-spec name-addr = [display-name] angle-addr

Re: The real spoofing issue (was Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless)

2016-10-17 Thread Ruga
rfc 822 (the actual standard): authentic = "From" ":" mailbox ; Single author / ... mailbox = addr-spec ; simple address / phrase route-addr addr-spec = local-part "@" domain On Tue, Oct 18, 2016 at 12:52 AM, Ruga <'r...@protonmail.com'> wrote:

Re: The real spoofing issue (was Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless)

2016-10-17 Thread Ruga
https://tools.ietf.org/html/rfc5322#section-3.6.2 On Mon, Oct 17, 2016 at 2:18 AM, Dianne Skoll <'d...@roaringpenguin.com'> wrote: On Sun, 16 Oct 2016 18:08:20 -0400 Ruga wrote: > In my servers, the above string is not RFC compliant, > and therefore the whole mail is

RE: Assistance needed

2016-10-17 Thread John Hardin
On Mon, 17 Oct 2016, Sue Mey wrote: Thank you for the help. Please keep replies on-list so that others may benefit from the discussion and solution in the future. I have a 'Special Offers' section on my website and have been using those words and links for years without a problem. I do

Re: Assistance needed

2016-10-17 Thread John Hardin
On Mon, 17 Oct 2016, Sue Mey wrote: I did not find this question in FAQ I am doing a newsletter in GetResponse and receive the following in Spam check BODY: Uses a mis-spelled version of cialis. I am a woodworker and designer and I have no idea which word I am using that could possibly be a

Assistance needed

2016-10-17 Thread Sue Mey
I did not find this question in FAQ I am doing a newsletter in GetResponse and receive the following in Spam check BODY: Uses a mis-spelled version of cialis. I am a woodworker and designer and I have no idea which word I am using that could possibly be a miss spelt word for

Re: rbldnsd

2016-10-17 Thread Antony Stone
On Monday 17 October 2016 at 17:14:18, Bill Cole wrote: > On 17 Oct 2016, at 9:04, Antony Stone wrote: > > DNS runs over UDP, not TCP. > > True AND false. Agreed; thanks for the detailed clarification, however I was answering a question specifically about rbldnsd. > A DNS server that does not

Re: rbldnsd

2016-10-17 Thread Bill Cole
On 17 Oct 2016, at 9:04, Antony Stone wrote: DNS runs over UDP, not TCP. True AND false. Most DNS queries can be answered in a single UDP packet and so most queries are tried over UDP first. Traditionally, DNS answers over UDP were limited to 512 bytes, although modern extensions typically

Re: The real spoofing issue

2016-10-17 Thread RW
On Mon, 17 Oct 2016 16:30:43 +0200 Ralph Seichter wrote: > On 17.10.16 15:45, RW wrote: > > > Most of what SpamAssassin targets is RFC compliant. It would be > > perfectly legitimate to score bogus addresses in the display name > > if it proved useful. > > With "useful" being open to

Re: The real spoofing issue

2016-10-17 Thread Ralph Seichter
On 17.10.16 15:45, RW wrote: > Most of what SpamAssassin targets is RFC compliant. It would be > perfectly legitimate to score bogus addresses in the display name > if it proved useful. With "useful" being open to interpretation. ;-) Some of my customers are willing to accept a much higher

Re: The real spoofing issue

2016-10-17 Thread Dianne Skoll
On Mon, 17 Oct 2016 14:45:11 +0100 RW wrote: > On Mon, 17 Oct 2016 15:20:27 +0200 > Ralph Seichter wrote: > > From: "John Doe " > > is perfectly legitimate. > but an unusual and rather silly thing to do. As I mentioned,

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

2016-10-17 Thread Bowie Bailey
On 10/15/2016 12:53 PM, Matus UHLAR - fantomas wrote: and immediately after implementing, those people and organizations would be surprised they block mail they should not block (see above). No, it wouldn't block mail. It would add a bit to the score. If there are other spam signs, it

Re: The real spoofing issue

2016-10-17 Thread RW
On Mon, 17 Oct 2016 15:20:27 +0200 Ralph Seichter wrote: > On 17.10.16 02:38, Benny Pedersen wrote: > > > one could argue if From:Name and From:Addr have differing domains > > its forged ? > > Which RFC defines "From:Name" and "From:Addr" (I don't see the terms > in RFC5322), and where does

Re: R: rbldnsd

2016-10-17 Thread RW
On Mon, 17 Oct 2016 13:18:23 + Nicola Piazzi wrote: > THX Antony > Service works, but at now how can i address query to this server ? > And the service name test how must be inserted in the query ? There are plenty of examples in the stock rules.

Re: R: rbldnsd

2016-10-17 Thread Axb
53 (and other ports) Oh? I start and it tell that bind : [root@EFALIST rbldnsd]# ./start.sh rbldnsd: listening on ::1/53 rbldnsd: listening on 127.0.0.1/53 So, it's listening on port 53, both IPv4 and IPv6. rbldnsd: ip4tset:/rbldnsd/test.txt: 20161017 101633: cnt=2 rbldnsd: zones reloaded

Re: The real spoofing issue

2016-10-17 Thread Ralph Seichter
On 17.10.16 02:38, Benny Pedersen wrote: > one could argue if From:Name and From:Addr have differing domains its > forged ? Which RFC defines "From:Name" and "From:Addr" (I don't see the terms in RFC5322), and where does it say that domain names must match if they are present? The header line

R: rbldnsd

2016-10-17 Thread Nicola Piazzi
listening on port 53, both IPv4 and IPv6. > rbldnsd: ip4tset:/rbldnsd/test.txt: 20161017 101633: cnt=2 > rbldnsd: zones reloaded, time 0.0e/0.0u sec, mem arena=284 free=131 > mmap=0 Kb rbldnsd: rbldnsd version 0.998 (05 Dec 2015) started (2 > socket(s), 1 > zone(s)) Looks happy to

Re: rbldnsd

2016-10-17 Thread Antony Stone
t; rbldnsd: listening on 127.0.0.1/53 So, it's listening on port 53, both IPv4 and IPv6. > rbldnsd: ip4tset:/rbldnsd/test.txt: 20161017 101633: cnt=2 > rbldnsd: zones reloaded, time 0.0e/0.0u sec, mem arena=284 free=131 mmap=0 > Kb rbldnsd: rbldnsd version 0.998 (05 Dec 2015) started (2 socket

rbldnsd

2016-10-17 Thread Nicola Piazzi
Someone use dnsrbld to create personal rbl ? I am unable to bind to port 53 (and other ports) I start and it tell that bind : [root@EFALIST rbldnsd]# ./start.sh rbldnsd: listening on ::1/53 rbldnsd: listening on 127.0.0.1/53 rbldnsd: ip4tset:/rbldnsd/test.txt: 20161017 101633: cnt=2 rbldnsd