On 12/3/18 6:08 PM, RW wrote:
I think, as the name suggests, that was multiple "bangs" (a bang
being the character "!"),
I was implying routing like UUCP bang paths. As in host 1 via host 2
via host 3.
Check out (source) route addressing in RFC 822 §§ 6.1 (Address
Specification) Syntax,
On 3 Dec 2018, at 16:26, Grant Taylor wrote:
> I know that it's strictly against protocol definition, but I've wondered
> about applying SPF and / or DKIM and / or DMARC to apparent email addresses
> in the human friendly part of From: headers.
DKIM and DMARC *ONLY* operate on headers, *NEVER*
On Mon, 3 Dec 2018 11:15:44 -0700
Grant Taylor wrote:
> I think a LONG time ago, likely before SpamAssassin was a thing, it
> was valid to have multiple @ signs in an email address. This was a
> method of routing messages through other servers. Think UUCP bang
> path.
I think, as the name
On Mon, 3 Dec 2018, Alan Hodgson wrote:
On Mon, 2018-12-03 at 13:17 -0600, sha...@shanew.net wrote:
Yeah, I see all these same things. Better to test against From:addr
rather than the full From: Perhaps something like:
From:addr =~ /\@[^\s]+\@/
Of course, there might still be legit cases
On 12/03/2018 01:51 PM, Alan Hodgson wrote:
The problem though for phishes is that some user agents (ie. Outlook)
only display the quoted user-friendly part of the address, not the rest
of the From: header. So phishers specifically put a fake
@domainbeingphished.com in quotes so your users
On Mon, 2018-12-03 at 13:17 -0600, sha...@shanew.net wrote:
> Yeah, I see all these same things. Better to test against From:addr
> rather than the full From: Perhaps something like:
>
> From:addr =~ /\@[^\s]+\@/
>
> Of course, there might still be legit cases of that kind of usage.
>
The
On 12/03/2018 12:17 PM, sha...@shanew.net wrote:
Of course, there might still be legit cases of that kind of usage.
I would think that the legit cases are far apart and few in between. I
would expect a very low false positive rate on rules to match multiple @
signs.
--
Grant. . . .
unix
On 12/03/2018 12:38 PM, David B Funk wrote:
Are you talking about the SMTP-envelope From address or the 'Header'
from addreses?
I was originally talking about email addresses in general, be it the
SMTP envelope from address or the machine parsable part of the From:
header, between the angle
On Mon, 3 Dec 2018, Grant Taylor wrote:
On 12/03/2018 11:53 AM, Alan Hodgson wrote:
I've been watching these for a while, and unfortunately there are a lot of
customer-service type systems that send From: addresses with quoted @domain
addresses in them. Many of them do "user@address via"
,
Yeah, I see all these same things. Better to test against From:addr
rather than the full From: Perhaps something like:
From:addr =~ /\@[^\s]+\@/
Of course, there might still be legit cases of that kind of usage.
On Mon, 3 Dec 2018, Alan Hodgson wrote:
On Mon, 2018-12-03 at 11:15 -0700,
On 12/03/2018 11:53 AM, Alan Hodgson wrote:
I've been watching these for a while, and unfortunately there are a
lot of customer-service type systems that send From: addresses with
quoted @domain addresses in them. Many of them do "user@address via"
, but not all.
Sorry, I was talking about
On Mon, 2018-12-03 at 11:15 -0700, Grant Taylor wrote:
>
I don't think the multiple @ signs have worked in a very long time. So
> I see no reason not to add score based on multiple @ signs. Or if there
> is a legitimate use for it, it should be extremely rare and the false
> positive rate
On 12/03/2018 09:56 AM, Andreas Galatis wrote:
How comes that spamassassin doesn’t block mailsenders with 2 @-signs in
the address?
Fist: I don't think that SpamAssassin should block anything on any
single (normal) test. IMHO it should increment the spam score and
something should decide
On Mon, 3 Dec 2018, Andreas Galatis wrote:
since several weeks I keep getting mails with sender-addresses like "Harald
Wieruch - Top Ten GmbH h.wieruch@top10ten.comxandra.hennem...@metco-gmbh.de"
The first part "Harald Wieruch - Top Ten GmbH h.wier...@top10ten.com" stays
the same, everything
Hi list,
since several weeks I keep getting mails with sender-addresses like "Harald
Wieruch - Top Ten GmbH h.wieruch@top10ten.comxandra.hennem...@metco-gmbh.de"
The first part "Harald Wieruch - Top Ten GmbH h.wier...@top10ten.com" stays
the same, everything behind this address changes.
Hi!
I have problem with sa-update and my own channel. sa-update queries for
A record of strange domain:
# /usr/bin/sa-update --channel sa.mejor.pl --no-gpg -vv
DNS TXT query: 2.4.3.sa.mejor.pl -> 3209
Update available for channel sa.mejor.pl: -1 -> 3209
DNS A query update.sa.mejor.pl/sa-updates
16 matches
Mail list logo
