On 7/20/2010 1:01 PM, Ted Mittelstaedt wrote:
You are mistaken. I'm a proponent of port 25 blocks. What I
am saying is that port 25 blocks work far better than attempting to
spamfilter outbound mail. It is the other guy who is arguing that
spamfiltering outbound mail is better than port 25
On 7/22/2010 2:23 PM, Ted Mittelstaedt wrote:
On 7/22/2010 11:29 AM, Benny Pedersen wrote:
On tor 22 jul 2010 20:03:18 CEST, Charles Gregory wrote
A forged sender looks no different than a legitimate sender. Postfix
would have no way to be 'smart' about this (except for some instances
of
On 7/15/2010 6:55 PM, Alexandre Chapellon wrote:
Hi all,
Few months ago I asked this list if using SA on outgoing smtp was a
good idea (Thread: SA on outgoing SMTP).
This thread quickly moved to Block direct port 25 for non-mta users!
I was really afraid of doing so and didn't really
Like some people I run a small internal spamtrap of never used by real
users addresses for use in feeding Bayes as well as reporting to Razor
and internal IXHASH. In addition I also have a database that returns
550 User unknown for all email addresses that are dead, with the
date they were
On 7/19/2010 1:29 PM, Ted Mittelstaedt wrote:
On 7/19/2010 8:43 AM, Brian Godette wrote:
On 7/15/2010 6:55 PM, Alexandre Chapellon wrote:
Hi all,
Few months ago I asked this list if using SA on outgoing smtp was a
good idea (Thread: SA on outgoing SMTP).
This thread quickly moved to Block
On 7/19/2010 2:25 PM, Ted Mittelstaedt wrote:
On 7/19/2010 12:56 PM, Brian Godette wrote:
On 7/19/2010 1:29 PM, Ted Mittelstaedt wrote:
On 7/19/2010 8:43 AM, Brian Godette wrote:
On 7/15/2010 6:55 PM, Alexandre Chapellon wrote:
Hi all,
Few months ago I asked this list if using SA
On 7/19/2010 4:01 PM, RW wrote:
On Mon, 19 Jul 2010 13:25:26 -0700
Ted Mittelstaedtt...@ipinc.net wrote:
It's been our experience that spam-scanning outbound mail causes a lot
more problems than setting up mailserver monitoring and being
responsive to it. Sooner or later one of your
Johnson, S wrote:
I’ve done really good with blocking spam up until this one…
It looks like a “legitimate” e-mailer from both the system perspective
and the system perspective.
When I look at my logs, the servers are reporting their domains
correctly so their mailserver looks ok when
Marc Perkel wrote:
As opposed to preprocessing before using SA to reduce the load. (ie.
using blacklist and whitelist before SA)
We don't.
We use a locally modified MaRBL that uses weighted scoring, RHSBLs
against helo/sender domain/reverse, and the BOTNET plugin (each
meta-rule gets its
Johnson, S wrote:
The only reason I ask about if I should learn the messages is that
my users have a hard time putting good email into the good email
folder. Everyone is quick to put in spam messages though. My filter
is getting about 50 to 1 spam to ham right now. Everything I've
Oenus Tech Services wrote:
After much testing, we have decided to put the RBLs on Postfix for
performance reasons. Before checking with those RBLs, our system does
EHLO checks against a known-spammer blacklist database as well to filter
the most obvious cases. Then we use zen.spamhaus.org,
On Monday 20 November 2006 19:06, Rick Macdougall wrote:
John Andersen wrote:
... the spammers are not actually
storing the email addresses on the infected machines, they just send an
email to go out).
I'm not saying they won't do it, I'm saying they aren't doing it currently.
Actually they
Seems pretty accurate to me since I have accounts that have been
returning 550: User Unknown smtp rejects for 2+ years that still receive
mail from Amazon on a weekly/monthly basis. Same thing for several airline
mileage programs, big name stock brokerages, etc.
On Friday 03 November 2006
So far this is the first time I've seen this be used.
Spammer is using a ham corpus message and including the entire plain text
inside an HTML comment (-- --).
Return-Path: [EMAIL PROTECTED]
X-Original-To: [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
Received: by mailhost.idcomm.com
On Friday 23 June 2006 13:24, Michael Monnerie wrote:
On Freitag, 23. Juni 2006 20:56 Brian Godette wrote:
Spammer is using a ham corpus message and including the entire plain
text inside an HTML comment (-- --).
Seems to be pas problem for SA:
X-Spam-Status: Yes, hits=16.9 required=5.0
On Friday 23 June 2006 15:28, Michael Monnerie wrote:
Are you sure about that? It would have to be a message that was ham,
have (nearly) the same content, autolearn must be on and the message
must have been learned. That's a lot of if...and.. statements. I use
sitewide bayes (hand trained),
On Tuesday 17 January 2006 01:02 pm, Justin Mason wrote:
yeah, we were chatting about that on John-Graham Cumming's weblog. All I
can think of is that they're attempting to evade another anti-spam
product, one that uses OCR, but is secret/proprietary hence *we* don't
know about it.
Or the
On Tuesday 17 January 2006 02:52 pm, Justin Mason wrote:
Brian Godette writes:
On Tuesday 17 January 2006 01:02 pm, Justin Mason wrote:
yeah, we were chatting about that on John-Graham Cumming's weblog. All
I can think of is that they're attempting to evade another anti-spam
product
On Monday 16 January 2006 04:27 pm, [EMAIL PROTECTED] wrote:
Hi!
Im curious if there are any intitiatives to collect pump and dump stock
symbols and names to check against incomming spam. I've looked around
but have yet to find anything. I think some sort of database would be
nice to
[EMAIL PROTECTED] appears to be not only running this mailing
list thru spamassassin (bad idea) but also auto-reporting any positive hits
(incredibly bad idea).
Or maybe they're just early for next year?
---BeginMessage---
He's got your eyes, Dad's nose and his own busy little feet which can
lead to an occasional unexpected accident. But never fear, PayDayOK is
there
On Tuesday 08 February 2005 2:14 pm, Kenneth Porter wrote:
--On Tuesday, February 08, 2005 11:14 AM -0700 Brian Godette
[EMAIL PROTECTED] wrote:
care must be taken to have the expiry times
reasonable or the iptables rule lists becomes much too large and
eventually chews up all available
On Thursday 03 February 2005 3:32 pm, Matt Kettler wrote:
I encountered one ISP who's legitimate mail gateway is freaking out under
the load of all the proxy spam.
It's now retrying temp-fail messages immediately without any delay... 24+
times per second.
Since I have Sendmail set up to
On Monday 03 January 2005 01:09 pm, Andy Jezierski wrote:
Probably not. Every year around the holidays our spam hits a yearly low
usually the week of Christmas, then goes right back up to the previous
levels. I think some of the spammers may be taking a holiday break as
well.
Andy
Perhaps
And I hope you're taking that opportunity to update IOS on it as well.
On Tuesday 05 October 2004 05:58 pm, Nate Schindler wrote:
A sad day is coming on Thursday, I have to re-boot a router at one of our
remote locations to install a new card.
I always loved showing this to people who
Docs for the spamd protocol are in the source tree.
Mail-SpamAssassin-3.0.0/spamd/PROTOCOL
On Wednesday 06 October 2004 03:11 pm, [EMAIL PROTECTED] wrote:
I'm interested in restructuring my MIMEDefang/SpamAssassin setup.
Currently each MIMEDefang slave carries around its own SpamAssassin
26 matches
Mail list logo
