Re: Re: Re: Re: Re: DNSWL_HI testing wrong Received header?

2022-12-28 Thread Matus UHLAR - fantomas
On 28.12.22 12:55, John Stimson via users wrote: The machine has bind9 running locally to provide DNS for its own domain, and uses it for name resolution.  On Wed, 28 Dec 2022, Matus UHLAR - fantomas wrote: This is the problem: Bind9 is configured to use OpenDNS and Google as forwarders.

Re: Re: Re: Re: Re: DNSWL_HI testing wrong Received header?

2022-12-28 Thread John Hardin
On Wed, 28 Dec 2022, Matus UHLAR - fantomas wrote: On 28.12.22 12:55, John Stimson via users wrote: The machine has bind9 running locally to provide DNS for its own domain, and uses it for name resolution.  This is the problem: Bind9 is configured to use OpenDNS and Google as forwarders.

Re: DQS rules for SA 4.0.0+

2022-12-28 Thread Benny Pedersen
Riccardo Alfieri wrote on 2022-12-28 11:44: Hello everyone, just FYI, I published the updated rules to have DQS working on SA 4.0.0+ (https://github.com/spamhaus/spamassassin-dqs) https://github.com/spamhaus/spamassassin-dqs/blob/master/4.0.0%2B/sh.cf dated Spamhaus's SpamAssassin setup

Re: DNSWL_HI testing wrong Received header?

2022-12-28 Thread Bill Cole
On 2022-12-28 at 12:55:20 UTC-0500 (Wed, 28 Dec 2022 12:55:20 -0500) John Stimson via users is rumored to have said: [...] On 2022/12/28 15:07:31 Bill Cole wrote: Perhaps your DNS resolution is to blame. Are you using a local recursive resolver that does no forwarding? The machine has

Re: Espoofer - An Email Spoofing Testing Tool That Aims To Bypass SPF/DKIM/DMARC And Forge DKIM Signatures

2022-12-28 Thread Bill Cole
On 2022-12-28 at 12:32:39 UTC-0500 (Wed, 28 Dec 2022 12:32:39 -0500) Greg Troxel is rumored to have said: It would be great if someone(tm) went through the blackhat pdf and wrote rules for all the evasions, and fixed the MTAs etc. From the cited page: For more technical details, please

Re: Espoofer - An Email Spoofing Testing Tool That Aims To Bypass SPF/DKIM/DMARC And Forge DKIM Signatures

2022-12-28 Thread David Bürgin
Brent Clark: > Something to see and keep an eye on (Read: Why build this tool) > > https://www.kitploit.com/2022/01/espoofer-email-spoofing-testing-tool.html This is old news. The espoofer tool and research were presented I think in 2020 and were widely discussed then. And bug fixes for, say,

Re: Re: Re: Re: Re: DNSWL_HI testing wrong Received header?

2022-12-28 Thread Matus UHLAR - fantomas
On 28.12.22 12:55, John Stimson via users wrote: The machine has bind9 running locally to provide DNS for its own domain, and uses it for name resolution.  This is the problem: Bind9 is configured to use OpenDNS and Google as forwarders. BIND does NOT need forwarders and by using it, you

Re: DNSWL_HI testing wrong Received header?

2022-12-28 Thread darkdevil
John, No offence meant, but I would like to suggest you to also look at your mail client and/or mail server configuration, especially some silly "privacy" filters touching on headers. It looks like something in your set up is preventing the two headers References, and In-Reply-To from your

RE: Re: Re: Re: Re: DNSWL_HI testing wrong Received header?

2022-12-28 Thread John Stimson via users
On 2022/12/28 15:09:36 Matus UHLAR - fantomas wrote: > spamassassin service is not needed when you use amavis, you can stop and > disable it. Good to know. On 2022/12/28 15:09:36 Matus UHLAR - fantomas wrote: > >~amavis/.spamassassin contains a file user.prefs that has only comment > >lines. 

Re: Espoofer - An Email Spoofing Testing Tool That Aims To Bypass SPF/DKIM/DMARC And Forge DKIM Signatures

2022-12-28 Thread Grant Taylor via users
On 12/28/22 10:32 AM, Greg Troxel wrote: It would be great if someone(tm) went through the blackhat pdf and wrote rules for all the evasions, and fixed the MTAs etc. I have seen and heard discussion about the raft number of bugs fixed 30 - 90 days after the annual Blackhat / Pwn2Own

Re: Espoofer - An Email Spoofing Testing Tool That Aims To Bypass SPF/DKIM/DMARC And Forge DKIM Signatures

2022-12-28 Thread Greg Troxel
It would be great if someone(tm) went through the blackhat pdf and wrote rules for all the evasions, and fixed the MTAs etc.

Re: Espoofer - An Email Spoofing Testing Tool That Aims To Bypass SPF/DKIM/DMARC And Forge DKIM Signatures

2022-12-28 Thread Grant Taylor via users
On 12/28/22 6:17 AM, Kevin A. McGrail wrote: Sigh.  Yet another borderline ethical posting / tool like far too many pentesters who think transparency is the ultimate way to move the needle of security Many tools can be used for both good and evil. I have yet to find a kitchen knife that can

Re: 4.0.0 dnsbl_subtests.t test failures

2022-12-28 Thread Michael Orlitzky
On Wed, 2022-12-28 at 16:44 +0200, Henrik K wrote: > > Doesn't look too good for Gentoo packaging though, if since 2009 v310.pre > and newer have been full of all sorts of plugins loaded. It's like nobody > actually cared since most of the stuff is useful. :-) > Nobody noticed until now, and

Re: 4.0.0 dnsbl_subtests.t test failures

2022-12-28 Thread Matus UHLAR - fantomas
On Wed, Dec 28, 2022 at 08:20:04AM -0500, Philippe Chaintreuil via users wrote: So there's desire that if a user doesn't want Mail::SPF installed, and SpamAssassin doesn't REQUIRE it (which it doesn't), it shouldn't be force installed. But for SpamAssassin to work as installed, that plugin

Re: Re: Re: Re: DNSWL_HI testing wrong Received header?

2022-12-28 Thread Matus UHLAR - fantomas
On 2022/12/28 12:45:48 Matus UHLAR - fantomas wrote: have you reloaded amavisd? On 28.12.22 08:50, John Stimson via users wrote: I restarted the amavisd-new.service and spamassassin.service after editing /etc/spamassassin/local.cf spamassassin service is not needed when you use amavis, you

Re: DNSWL_HI testing wrong Received header?

2022-12-28 Thread Bill Cole
On 2022-12-28 at 08:50:35 UTC-0500 (Wed, 28 Dec 2022 08:50:35 -0500) John Stimson via users is rumored to have said: Updates: On 2022/12/28 12:45:48 Matus UHLAR - fantomas wrote: have you reloaded amavisd? I restarted the amavisd-new.service and spamassassin.service after editing

Re: 4.0.0 dnsbl_subtests.t test failures

2022-12-28 Thread Henrik K
On Wed, Dec 28, 2022 at 09:30:30AM -0500, Michael Orlitzky wrote: > On Wed, 2022-12-28 at 16:20 +0200, Henrik K wrote: > > > > Common sense would ask that how is SPF harmful for the user? One would > > think it would be actually desirable like any other network lookups, that > > user might have

Re: DQS rules for SA 4.0.0+

2022-12-28 Thread Riccardo Alfieri
On 28/12/22 15:15, Henrik K wrote: Maybe would be even good idea to use something like this: ifplugin Mail::SpamAssassin::Plugin::HashBL else error: Please activate HashBL plugin in v342.pre endif I think I'll just add the ifplugin condition in the two .cf files and add a note in

Re: 4.0.0 dnsbl_subtests.t test failures

2022-12-28 Thread Michael Orlitzky
On Wed, 2022-12-28 at 16:20 +0200, Henrik K wrote: > > Common sense would ask that how is SPF harmful for the user? One would > think it would be actually desirable like any other network lookups, that > user might have accidentally left disabled? But sure, if this is the Gentoo > way, so be

Re: DQS rules for SA 4.0.0+

2022-12-28 Thread Henrik K
And it is even mentioned in the UPGRADE notes: - The HashBL plugin in 342.pre is now enabled by default. (sad typo in the filename) On Wed, Dec 28, 2022 at 04:21:45PM +0200, Henrik K wrote: > > This was discussed and approved in some of the 4.0.0 bugs. There should be > no need to revisit

Re: DQS rules for SA 4.0.0+

2022-12-28 Thread Kevin A. McGrail
As I say, such is life.  It's a minor thing.  Any objections to a comment if it doesn't exist that documents it was enabled by default in 4.0.0 in the 3.4.2 pre file? On 12/28/2022 9:21 AM, Henrik K wrote: This was discussed and approved in some of the 4.0.0 bugs. There should be no need to

Re: DQS rules for SA 4.0.0+

2022-12-28 Thread Henrik K
This was discussed and approved in some of the 4.0.0 bugs. There should be no need to revisit it. It still wouldn't make sense to have loadplugin HashBL in two *.pre files. On Wed, Dec 28, 2022 at 09:18:51AM -0500, Kevin A. McGrail wrote: > Wow, as it's enabled in v342.pre, that would imply

Re: 4.0.0 dnsbl_subtests.t test failures

2022-12-28 Thread Henrik K
On Wed, Dec 28, 2022 at 09:10:13AM -0500, Michael Orlitzky wrote: > > Without disabling the plugin, how would that work? If the user happens > to install Mail::SPF as a dependency of something else and if the > plugin is *not* disabled, spamassassin will (surprise!) start using SPF > against the

Re: DQS rules for SA 4.0.0+

2022-12-28 Thread Kevin A. McGrail
Wow, as it's enabled in v342.pre, that would imply it was enabled in 3.4.2.  We should not have changed a past pre file for the 4.0.0 release IMO but added it to the 4.0.0.pre file.  Such is life.  Should we fix it for 4.0.1? On 12/28/2022 9:07 AM, Henrik K wrote: Just keep in mind that

Re: DQS rules for SA 4.0.0+

2022-12-28 Thread Benny Pedersen
Henrik K wrote on 2022-12-28 15:06: Of course it's a bit of a double-edged sword, since with ifplugin the rules might silently be ignored. Especially for Gentoo users. ;-) gentoo users do not use precompiled problems

Re: DQS rules for SA 4.0.0+

2022-12-28 Thread Henrik K
On Wed, Dec 28, 2022 at 04:06:01PM +0200, Henrik K wrote: > On Wed, Dec 28, 2022 at 01:58:55PM +, Riccardo Alfieri wrote: > > On 28/12/22 14:44, Henrik K wrote: > > > > > It is enabled by default for new installs in v342.pre (old users must > > > enable > > > it manually). But like with any

Re: DQS rules for SA 4.0.0+

2022-12-28 Thread Benny Pedersen
Kevin A. McGrail wrote on 2022-12-28 15:04: Going further, you might just encapsulate your entire cf file in to ifplugin checks, one for URIDNSBL and one for HashBL and any other plugins you need. bingo However, both URIDNSBL and HashBL are enabled by default from checking the source code.

Re: 4.0.0 dnsbl_subtests.t test failures

2022-12-28 Thread Michael Orlitzky
On Wed, 2022-12-28 at 15:38 +0200, Henrik K wrote: > > Disabling default plugins solves nothing, just creates a worse experience > for user. Educating and guiding users to use DNS properly does not require > this. Gentoo builds everything from source and allows the user to enable/disable some

Re: DQS rules for SA 4.0.0+

2022-12-28 Thread Henrik K
On Wed, Dec 28, 2022 at 09:04:09AM -0500, Kevin A. McGrail wrote: > > However, both URIDNSBL and HashBL are enabled by default from checking the > source code. Just keep in mind that HashBL is only enabled for fresh 4.0.0 installs, it wasn't default previously.

Re: DQS rules for SA 4.0.0+

2022-12-28 Thread Henrik K
On Wed, Dec 28, 2022 at 01:58:55PM +, Riccardo Alfieri wrote: > On 28/12/22 14:44, Henrik K wrote: > > > It is enabled by default for new installs in v342.pre (old users must enable > > it manually). But like with any other loadable plugin, one MUST check use > > "ifplugin" to check that

Re: DQS rules for SA 4.0.0+

2022-12-28 Thread Kevin A. McGrail
Going further, you might just encapsulate your entire cf file in to ifplugin checks, one for URIDNSBL and one for HashBL and any other plugins you need. However, both URIDNSBL and HashBL are enabled by default from checking the source code. Regards, KAM On 12/28/2022 8:58 AM, Riccardo

Re: DQS rules for SA 4.0.0+

2022-12-28 Thread Riccardo Alfieri
On 28/12/22 14:44, Henrik K wrote: It is enabled by default for new installs in v342.pre (old users must enable it manually). But like with any other loadable plugin, one MUST check use "ifplugin" to check that it's loaded. Ok, thanks for the clarification. Would you then suggest to add also

Re: DQS rules for SA 4.0.0+

2022-12-28 Thread Benny Pedersen
Kevin A. McGrail wrote on 2022-12-28 14:48: And posters should do their homework as well and post information that shows what is the problem, how to recreate it, and the expected outcome. Your posts on this thread are borderline nonsensical. i did, but you did not understand me, sorry for

RE: Re: Re: Re: DNSWL_HI testing wrong Received header?

2022-12-28 Thread John Stimson via users
Updates: On 2022/12/28 12:45:48 Matus UHLAR - fantomas wrote: > have you reloaded amavisd? I restarted the amavisd-new.service and spamassassin.service after editing /etc/spamassassin/local.cf > do you have anything set in amavis' home directory? > usually ~amavis/.spamassassin

Re: DQS rules for SA 4.0.0+

2022-12-28 Thread Benny Pedersen
Kevin A. McGrail wrote on 2022-12-28 14:44: On 12/28/2022 8:35 AM, Riccardo Alfieri wrote: Do you have hashbl plugin enabled? Ah, I thought it was enabled by default in SA 4.0. You are correct.  HashBL is by default enabled in a stock distribution with v342.pre.  That doesn't mean the

Re: DQS rules for SA 4.0.0+

2022-12-28 Thread Kevin A. McGrail
On 12/28/2022 8:33 AM, Benny Pedersen wrote: I have no idea what the check plugin is.  Read your quoted line again. don't read the source ?, https://github.com/apache/spamassassin/blob/trunk/rules/v320.pre#L21 My question was: Do you have the Plugin HashBL enabled. i have in my test only

Re: DQS rules for SA 4.0.0+

2022-12-28 Thread Benny Pedersen
Riccardo Alfieri wrote on 2022-12-28 14:35: On 28/12/22 14:20, Kevin A. McGrail wrote: Do you have hashbl plugin enabled? Ah, I thought it was enabled by default in SA 4.0. only check is on --lint testing, if all plugins is default enabled multiple errors is hidden hopefully

Re: DQS rules for SA 4.0.0+

2022-12-28 Thread Kevin A. McGrail
On 12/28/2022 8:35 AM, Riccardo Alfieri wrote: Do you have hashbl plugin enabled? Ah, I thought it was enabled by default in SA 4.0. You are correct.  HashBL is by default enabled in a stock distribution with v342.pre.  That doesn't mean the trouble reporter has it enabled. -- Kevin A.

Re: DQS rules for SA 4.0.0+

2022-12-28 Thread Henrik K
On Wed, Dec 28, 2022 at 01:35:22PM +, Riccardo Alfieri wrote: > On 28/12/22 14:20, Kevin A. McGrail wrote: > > > Do you have hashbl plugin enabled? > > > > > Ah, I thought it was enabled by default in SA 4.0. It is enabled by default for new installs in v342.pre (old users must enable it

Re: DQS rules for SA 4.0.0+

2022-12-28 Thread Benny Pedersen
Riccardo Alfieri wrote on 2022-12-28 14:34: Looks like you didn't replace the DQS key in the template, as it's outlined in the README. i will not share my key here You also have a lot of parsing errors that are not normal (\t should be a , don't know why your system renders that badly)

Re: 4.0.0 dnsbl_subtests.t test failures

2022-12-28 Thread Kevin A. McGrail
Howdy, if test useflag is in game, all plugins should be disabled, only check plugin should be enabled, while testing .t rules, this test is only for developers and repo maintainers, not end users on gentoo I'd bring that up on the Gentoo list. i will like to see default all plugins disabled,

Re: 4.0.0 dnsbl_subtests.t test failures

2022-12-28 Thread Henrik K
On Wed, Dec 28, 2022 at 02:29:03PM +0100, Benny Pedersen wrote: > > i will like to see default all plugins disabled, and a install howto enabled > needed plugin as needed, there is not anypoint on enabled all, and all it > gets is dns refused . > > or some *_BLCOKED like apache infra cant

Re: 4.0.0 dnsbl_subtests.t test failures

2022-12-28 Thread Henrik K
On Wed, Dec 28, 2022 at 08:20:04AM -0500, Philippe Chaintreuil via users wrote: > > So there's desire that if a user doesn't want Mail::SPF installed, and > SpamAssassin doesn't REQUIRE it (which it doesn't), it shouldn't be force > installed. But for SpamAssassin to work as installed, that

Re: DQS rules for SA 4.0.0+

2022-12-28 Thread Riccardo Alfieri
On 28/12/22 14:20, Kevin A. McGrail wrote: Do you have hashbl plugin enabled? Ah, I thought it was enabled by default in SA 4.0. -- Best regards, Riccardo Alfieri Spamhaus Technology https://www.spamhaus.com/

Re: DQS rules for SA 4.0.0+

2022-12-28 Thread Riccardo Alfieri
Looks like you didn't replace the DQS key in the template, as it's outlined in the README. You also have a lot of parsing errors that are not normal (\t should be a , don't know why your system renders that badly) On 28/12/22 14:17, Benny Pedersen wrote: Dec 28 14:12:09.837 [1461] warn:

Re: DQS rules for SA 4.0.0+

2022-12-28 Thread Benny Pedersen
Kevin A. McGrail wrote on 2022-12-28 14:24: I have no idea what the check plugin is.  Read your quoted line again. don't read the source ?, https://github.com/apache/spamassassin/blob/trunk/rules/v320.pre#L21 i have in my test only this plugin enabled, rest is disabled rule maintainers

Re: 4.0.0 dnsbl_subtests.t test failures

2022-12-28 Thread Benny Pedersen
Kevin A. McGrail wrote on 2022-12-28 14:22: +1 thanks for bringing this up and bridging the fix! On 12/28/2022 8:20 AM, Philippe Chaintreuil via users wrote: I'm going to make a Gentoo Pull Request to try to remove the init.pre blanket disable, because at this point we do install most of

Re: DQS rules for SA 4.0.0+

2022-12-28 Thread Kevin A. McGrail
I have no idea what the check plugin is.  Read your quoted line again. On 12/28/2022 8:22 AM, Benny Pedersen wrote: Kevin A. McGrail wrote on 2022-12-28 14:20: Do you have hashbl plugin enabled? read your quoted line again ? On 12/28/2022 8:17 AM, Benny Pedersen wrote: above is with

Re: DQS rules for SA 4.0.0+

2022-12-28 Thread Benny Pedersen
Kevin A. McGrail wrote on 2022-12-28 14:20: Do you have hashbl plugin enabled? read your quoted line again ? On 12/28/2022 8:17 AM, Benny Pedersen wrote: above is with only check plugin enabled, this should lint without warnings

Re: 4.0.0 dnsbl_subtests.t test failures

2022-12-28 Thread Kevin A. McGrail
+1 thanks for bringing this up and bridging the fix! On 12/28/2022 8:20 AM, Philippe Chaintreuil via users wrote: I'm going to make a Gentoo Pull Request to try to remove the init.pre blanket disable, because at this point we do install most of those dependencies by default.  Failing that I'll

Re: DQS rules for SA 4.0.0+

2022-12-28 Thread Kevin A. McGrail
Do you have hashbl plugin enabled? On 12/28/2022 8:17 AM, Benny Pedersen wrote: above is with only check plugin enabled, this should lint without warnings -- Kevin A. McGrail kmcgr...@apache.org Member, Apache Software Foundation Chair Emeritus Apache SpamAssassin Project

Re: 4.0.0 dnsbl_subtests.t test failures

2022-12-28 Thread Philippe Chaintreuil via users
TL;DR: I'm going to try get the init.pre disables removed in Gentoo, failing that I'm going to move it to /etc/spamassassin/ modifications instead of changing the files in rules/. I believe Philippe is the package maintainer, so it's up to him I guess.  Disclaimer: I'm just a volunteer

Re: DQS rules for SA 4.0.0+

2022-12-28 Thread Benny Pedersen
Riccardo Alfieri wrote on 2022-12-28 11:44: Hello everyone, just FYI, I published the updated rules to have DQS working on SA 4.0.0+ (https://github.com/spamhaus/spamassassin-dqs) Thanks to the effort of all SA developers there is no need anymore to install a dedicated plugin, as all of our

Re: Espoofer - An Email Spoofing Testing Tool That Aims To Bypass SPF/DKIM/DMARC And Forge DKIM Signatures

2022-12-28 Thread Kevin A. McGrail
On 12/28/2022 8:11 AM, Brent Clark wrote: Something to see and keep an eye on (Read: Why build this tool) Sigh.  Yet another borderline ethical posting / tool like far too many pentesters who think transparency is the ultimate way to move the needle of security while thinly veiling their

Espoofer - An Email Spoofing Testing Tool That Aims To Bypass SPF/DKIM/DMARC And Forge DKIM Signatures

2022-12-28 Thread Brent Clark
Good day Guys Something to see and keep an eye on (Read: Why build this tool) https://www.kitploit.com/2022/01/espoofer-email-spoofing-testing-tool.html HTH Regards Brent Clark

Re: Re: Re: DNSWL_HI testing wrong Received header?

2022-12-28 Thread Matus UHLAR - fantomas
On 27.12.22 17:28, John Stimson via users wrote: I have a single SMTP server with single public IP address.  I have set trusted_networks my.ip.num.ber internal_networks my.ip.num.ber and removed the clear_originating_ip_headers line.  I also added the line add_header all RelaysUntrusted

Re: dccifd socket dosn't appair

2022-12-28 Thread Matus UHLAR - fantomas
On 27.12.22 22:13, Maurizio Caloro wrote: /spamassassin/local.cf # DCC use_dcc 1 dcc_home /var/dcc dcc_timeout 8 dcc_path /var/dcc/bin/dccproc add_header all DCC _DCCB_: _DCCR_ score DCC_CHECK 4.0 /var/lib/dcc/dcc_conf DCCM_ENABLE

Re: 4.0.0 dnsbl_subtests.t test failures

2022-12-28 Thread Henrik K
I believe Philippe is the package maintainer, so it's up to him I guess. :-) On Wed, Dec 28, 2022 at 06:35:07AM -0500, Kevin A. McGrail wrote: > +1 and over and above by Henrik to install the distro for testing. > > Our project cannot be responsible for the decisions of the distribution >

Re: 4.0.0 dnsbl_subtests.t test failures

2022-12-28 Thread Henrik K
On Mon, Dec 26, 2022 at 01:57:20PM -0500, Philippe Chaintreuil via users wrote: > On 12/25/2022 4:38 PM, Sidney Markowitz wrote: > > I can get exactly that set of error messages by commenting out the > > loadplugin for URIDNSBL in rules/init.pre or deleting the file > > rules/init.pre completely,

Re: DNSWL_HI testing wrong Received header?

2022-12-28 Thread Benny Pedersen
John Stimson via users wrote on 2022-12-27 23:28: I have a single SMTP server with single public IP address. I have set trusted_networks my.ip.num.ber this can have all external trusted ips as well, but minimal it should be a list of ips you have ssh root access on, nothing more nothing less