Re: HTTP checks on sending IP

2020-05-12 Thread Dominic Raferd
On Wed, 13 May 2020 at 06:27, Pedro David Marco wrote: > > Not a long time ago, there was an very interesting thread post about the idea > of reverse > check of the website content of sending IP... > > To my remember even a "spamassassiner" wrote a plugin for that. > > Honouring my terrible

Re: whitelist_from_spf

2020-05-12 Thread listsb
On May 03, 2020, at 10.55, Matus UHLAR - fantomas wrote: > > On 29.04.20 00:05, listsb wrote: >> i'm experimenting with whitelist_from_spf, just to learn a little about how >> it works, and not getting the result i am expecting. i've created a small >> test message emulating mail from github

HTTP checks on sending IP

2020-05-12 Thread Pedro David Marco
Not a long time ago, there was an very interesting thread post about the idea of reverse check of the website content of sending IP... To my remember even a "spamassassiner" wrote a plugin for that. Honouring my terrible (lack of) brain, i cannot find those posts.  Please can anyone help me to

Re: google as biggest botnet, no kidding

2020-05-12 Thread Pedro David Marco
>On Tuesday, May 12, 2020, 02:16:52 PM GMT+2, micah anderson wrote: >We receive a *huge* amount of phishing attempts from firebasestorage. My >regular routine is to wake up, and report these to google safebrowsing, >but it doesn't seem to have much of an effect. >There *are* occasional,

Re: google as biggest botnet, no kidding

2020-05-12 Thread micah anderson
Riccardo Alfieri writes: > Yes, we are seeing an awful lot of phishing sites hosted under > https://firebasestorage.googleapis.com > > I'd say that 99% of them can be catched by a simple regex though, but I > don't know how common those firebasestorage URLs are in normal emails.. > I

Re: google as biggest botnet, no kidding

2020-05-12 Thread Benny Pedersen
On 2020-05-12 10:15, Riccardo Alfieri wrote: Yes, we are seeing an awful lot of phishing sites hosted under https://firebasestorage.googleapis.com i got sample of this now I'd say that 99% of them can be catched by a simple regex though, but I don't know how common those firebasestorage

Re: google as biggest botnet, no kidding

2020-05-12 Thread Riccardo Alfieri
On 12/05/20 01:12, Benny Pedersen wrote: is others see spam from googleapis.com urls ? its currently url skipped, but i unskipped it localy to see tracking of it i have maked my clamav reject html attachments from today Yes, we are seeing an awful lot of phishing sites hosted under

RE: google as biggest botnet, no kidding

2020-05-12 Thread Marc Roos
Nothing new, started with the amazon abuse cloud. Just put something in your mta like this for sendmail connect:compute-1.amazonaws.com ERROR: "Use your providers outgoing (smtp) server" Only recently I have noticed that they are changing reverse dns lookups to their clients, with the