It found "xon, OX" in "Aylesbury Road, Thame, Oxon, OX9 3AT"
It's an aggressive rule that finds anything that might be an
obfuscated Xanax. It only scores 0.8 points because it can produce FPs
like this.
Actually that is my private, custom score. I think the default is 2.8
or something like
It found "xon, OX" in "Aylesbury Road, Thame, Oxon, OX9 3AT"
It's an aggressive rule that finds anything that might be an
obfuscated Xanax. It only scores 0.8 points because it can produce FPs
like this.
Actually that is my private, custom score. I think the default is 2.8
or something like
On 14/11/2014 11:26, Matus UHLAR - fantomas wrote:
On 13.11.14 14:34, Giles Coochey wrote:
I avoid the distribution perl completely, and use perlbrew and
spamassassin 3.4.0 compiled from source, with a specific perlbrew
perl version I avoid breaking the version of perl that comes
the version of perl that comes with the system
and can satisfy all dependencies via CPAN.
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7584 634135
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net
smime.p7s
Description: S/MIME Cryptographic
On 12/09/2014 18:34, Rick Macdougall wrote:
On 2014-09-12 1:24 PM, John Hardin wrote:
On Fri, 12 Sep 2014, Reindl Harald wrote:
Am 12.09.2014 um 15:26 schrieb Giles Coochey:
On 12/09/2014 13:47, Rick Macdougall wrote:
I have used imap-sa-learn.pl for years. Works great.
Google imap-sa
On 12/09/2014 13:47, Rick Macdougall wrote:
Hi,
I have used imap-sa-learn.pl for years. Works great.
Google imap-sa-learn.pl to get the perl source code.
Wouldn't mind using it, but don't think I can get it working as my IMAP
server requires SSL
--
Regards,
Giles Coochey, CCNP, CCNA
on port 993.
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7584 634135
http://www.netsecspec.co.uk
giles.cooc...@netsecspec.co.uk
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7584 634135
http://www.coochey.net
On 12/09/2014 17:01, Reindl Harald wrote:
Am 12.09.2014 um 17:48 schrieb Giles Coochey:
On 12/09/2014 14:30, Reindl Harald wrote:
Wouldn't mind using it, but don't think I can get it working as my IMAP server
requires SSL
have you tried it?
these days almost anything works with SSL
because
?
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net
smime.p7s
Description: S/MIME Cryptographic Signature
).
It is the task of what called it to act upon it.
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net
smime.p7s
Description: S/MIME Cryptographic Signature
as a marker to whether I have actioned a
particular email and keep messages unread until such time that they
are dealt with.
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net
...
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net
smime.p7s
Description: S/MIME Cryptographic Signature
to be funny.:-)
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net
smime.p7s
Description: S/MIME Cryptographic Signature
...@spam.spamcop.net): unknown user: devnull
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net
smime.p7s
Description: S/MIME Cryptographic Signature
Hi,
I'm using spamass-milter in conjunction with spamassassin.
I've noticed that emails that are considered too large for spamassassin
to scan appear to be rejected by spamass-milter because it cannot find a
score in the email.
I've looked at the configuration options for spamass-milter and
On 20/03/2013 14:24, Axb wrote:
On 03/20/2013 02:59 PM, Giles Coochey wrote:
Hi,
I'm using spamass-milter in conjunction with spamassassin.
I've noticed that emails that are considered too large for spamassassin
to scan appear to be rejected by spamass-milter because it cannot find a
score
, and I believe it only accepts body and doesn't do
network related checks.
--
Regards,
Giles Coochey, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net
smime.p7s
Description: S/MIME Cryptographic Signature
the
ability to block at (say) 12 points, tag at say 5 points (which could be
implemented to leave messages in a moderation queue) and release
everything else.
--
Regards,
Giles Coochey, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
gi
I would look at getting a datafeed:
http://www.uribl.com/datafeed.shtml [7]
Out of interest, how much
volume of email are you processing to experience this?
Are you sharing
your external IP with any other of your ISP customers? Does your ISP do
anything strange with DNS queries?
On
On Tue, October 4, 2011 20:59, Frank Leonhardt wrote:
On 04/10/2011 19:22, Kris Deugau wrote:
Frank Leonhardt wrote:
Here's the problem:
I have a single mail server (not commercial) using sendmail to accept
incoming mail from all sources, and filtering using spamassassin. It
also accepts
On Wed, October 5, 2011 18:02, Frank Leonhardt wrote:
On 05/10/2011 16:23, Giles Coochey wrote:
On Tue, October 4, 2011 20:59, Frank Leonhardt wrote:
On 04/10/2011 19:22, Kris Deugau wrote:
Frank Leonhardt wrote:
Here's the problem:
I have a single mail server (not commercial) using
On Tue, July 19, 2011 14:50, Thomas Mullins wrote:
We would like to start monitoring our two smtp servers. They are fairly
busy boxes, maybe 100,000 messages a day, give or take several thousand.
They of course run Spamassassin, Postfix is also used. We use MRTG to
monitor internal servers
On Fri, May 13, 2011 17:09, Ted Mittelstaedt wrote:
On 5/13/2011 1:58 AM, Giles Coochey wrote:
Not quite - Google's retry may come from another server in a different
range.
if it did then mail from Google would be delayed significantly, like
12-24 hours for example.
Yes, exactly
On Thu, May 12, 2011 18:06, Ted Mittelstaedt wrote:
On 5/12/2011 4:49 AM, Niamh Holding wrote:
Hello Matus,
Thursday, May 12, 2011, 12:11:10 PM, you wrote:
MUf Actyally, Michael Scheidell reported that yahoo miebehaves when
receiving
MUf 4xx response after RCPT TO:
Very different from
no obligation to follow any rules.
--
Best Regards,
Giles Coochey
NetSecSpec Ltd
NL T-Systems Mobile: +31 681 265 086
NL Mobile: +31 626 508 131
GIB Mobile: +350 5401 6693
Email/MSN/Live Messenger: gi...@coochey.net
Skype: gilescoochey
smime.p7s
Description: S/MIME Cryptographic Signature
,
Giles Coochey
NetSecSpec Ltd
NL T-Systems Mobile: +31 681 265 086
NL Mobile: +31 626 508 131
GIB Mobile: +350 5401 6693
Email/MSN/Live Messenger: gi...@coochey.net
Skype: gilescoochey
smime.p7s
Description: S/MIME Cryptographic Signature
On 25/02/2011 14:31, Giles Coochey wrote:
On 25/02/2011 14:18, James Lay wrote:
Hi folks,
So…I was sent an email that was pretty much all in Chinese…headers
below:
Date: Tue, 22 Feb 2011 13:44:37 -0700
Subject:
=?utf-8?B?Rlc6IOKWoO+8keaciOOBq+W8iuekvuOBq+WxiuOBhOOBn+aEnw==?=
=?utf-8?B
want to
reject mails right away. I just want to flag them with points.
Cheers,
Henry
How do you define 'exists' - do you mean reachable and up? or just
whether a MX record is defined?
--
Best Regards,
Giles Coochey
NetSecSpec Ltd
NL T-Systems Mobile: +31 681 265 086
NL Mobile: +31 626 508
... non-existent domain is already a standard
MTA check anyway...
--
Best Regards,
Giles Coochey
NetSecSpec Ltd
NL T-Systems Mobile: +31 681 265 086
NL Mobile: +31 626 508 131
GIB Mobile: +350 5401 6693
Email/MSN/Live Messenger: gi...@coochey.net
Skype: gilescoochey
smime.p7s
Description: S
-milter
Arch : i386
Version: 0.3.1
Release: 24.rhel5
--
Best Regards,
Giles Coochey
NetSecSpec Ltd
NL T-Systems Mobile: +31 681 265 086
NL Mobile: +31 626 508 131
GIB Mobile: +350 5401 6693
Email/MSN/Live Messenger: gi...@coochey.net
Skype: gilescoochey
smime.p7s
Description: S/MIME
in March of 2010./
/ /
/ http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573228/
I thought I committed the patch to CVS, but apparently hadn't. It's
committed now, and I'll do a release this weekend.
--
Dan Nelson
address@hidden
--
Best Regards,
Giles Coochey
NetSecSpec Ltd
an idea, as long as it wasn't a
BOGON that had special uses (e.g. RFC1918), however, there are no such
BOGONs left anymore... the last allocatable IPs were given out this very
week.
--
Best Regards,
Giles Coochey
NetSecSpec Ltd
NL T-Systems Mobile: +31 681 265 086
NL Mobile: +31 626 508 131
GIB
on them. Yep, can't remember using DNS in those days...
Never even thought of checking MD5 checksums in those days (not sure if
they even existed!!)
--
Best Regards,
Giles Coochey
NetSecSpec Ltd
NL T-Systems Mobile: +31 681 265 086
NL Mobile: +31 626 508 131
GIB Mobile: +350 5401 6693
Email/MSN
: 193.79.237.39
Non-authoritative answer:
Name:hermes.apache.org
Address: 140.211.11.3
140.211.11.3
Server: cache0201.ns.eu.uu.net
Address: 193.79.237.39
Name:hermes.apache.org
Address: 140.211.11.3
--
Best Regards,
Giles Coochey
NetSecSpec Ltd
NL T-Systems Mobile: +31 681 265 086
NL
-police to catch nearly all
spam and I'm sure that rejecting on a single issue or dubious fact will
affect the receipt of genuine non-SPAM messages.
--
Best Regards,
Giles Coochey
NetSecSpec Ltd
NL T-Systems Mobile: +31 681 265 086
NL Mobile: +31 626 508 131
GIB Mobile: +350 5401 6693
Email/MSN
On 01/02/2011 15:49, Michael Scheidell wrote:
On 2/1/11 9:34 AM, Giles Coochey wrote:
On 01/02/2011 15:30, Danita Zanre wrote:
Messages from this list have been bouncing since I started enforcing
Reverse DNS lookups on my server.
Danita
Why???
Received: from mail.apache.org
Makes you wonder how many servers actually accept these messages these
days!!!
Jan 31 13:46:56 gate sendmail[28364]: p0VCkkxF028364[1]: Milter add:
header: X-Spam-Status: Yes, score=70.8 required=5.0
-and-control/appliances/
--
Best Regards,
Giles Coochey
NetSecSpec Ltd
NL T-Systems Mobile: +31 681 265 086
NL Mobile: +31 626 508 131
GIB Mobile: +350 5401 6693
Email/MSN/Live Messenger: gi...@coochey.net
Skype: gilescoochey
smime.p7s
Description: S/MIME Cryptographic Signature
On 28/01/2011 10:11, Giles Coochey wrote:
On 28/01/2011 10:02, J4K wrote:
Good morning everyone (almost the week-end),
Is X-IronPort-AV added by SA, or from something else (DCC Clamav
? )
I just noticed that all email from a certain company was flagged with
X-IronPort-AV, and I wonder
it.
spamass-milter can reject according to SA results at the SMTP session
level. The OP mentioned that.
--
Best Regards,
Giles Coochey
NetSecSpec Ltd
NL T-Systems Mobile: +31 681 265 086
NL Mobile: +31 626 508 131
GIB Mobile: +350 5401 6693
Email/MSN/Live Messenger: gi...@coochey.net
Skype
of any possible
backscatter.
Thanks
--
Best Regards,
Giles Coochey
NetSecSpec Ltd
NL T-Systems Mobile: +31 681 265 086
NL Mobile: +31 626 508 131
GIB Mobile: +350 5401 6693
Email/MSN/Live Messenger: gi...@coochey.net
Skype: gilescoochey
smime.p7s
Description: S/MIME Cryptographic Signature
as I can see.
It's not too difficult to understand the source of the spamass-milter
package... that might be your best documentation and help
--
Best Regards,
Giles Coochey
NetSecSpec Ltd
NL T-Systems Mobile: +31 681 265 086
NL Mobile: +31 626 508 131
GIB Mobile: +350 5401 6693
Email/MSN/Live
to successfully send
me mails - it's the equivalent of sealing my letterbox on Mondays,
Wednesdays and Fridays for me, and I want near-real time email
communication.
--
Best Regards,
Giles Coochey
NetSecSpec Ltd
NL T-Systems Mobile: +31 681 265 086
NL Mobile: +31 626 508 131
GIB Mobile: +350 5401
a difference, but I still don't want to take the risk.
--
Best Regards,
Giles Coochey
NetSecSpec Ltd
NL T-Systems Mobile: +31 681 265 086
NL Mobile: +31 626 508 131
GIB Mobile: +350 5401 6693
Email/MSN/Live Messenger: gi...@coochey.net
Skype: gilescoochey
smime.p7s
Description: S/MIME
On 13/01/2011 21:06, Brendan Murtagh wrote:
Thank you all for your quick responses and suggestions. I went ahead and
adjusted the threshold from 3.00 to 5.00. I'll continue to monitor how the
server is reacting to spam as we move forward.
Thanks again for your help.
-Brendan
The method I use,
traffic to be sure.
Where should I be looking for a configuration difference that would cause this?
local.cf:
use_razor2 1
... I would check permisions for the razor-agent and check that it is
registered for the user that runs your site-wide spamassassin.
--
Best Regards,
Giles Coochey
Regards,
Giles Coochey
NetSecSpec Ltd
NL Mobile: +31 626 508 131
Gib Mobile: +350 5401 6693
Email/MSN/Live Messenger: gi...@coochey.net
Skype: gilescoochey
smime.p7s
Description: S/MIME Cryptographic Signature
You may setup a regexp rule in the /etc/local.cf file of your SA
installation, but a simple rule like the one you suggest may easily yield
FPs (False Positives, ie: non-spam messages may get into your trashcan).
What if a friend of yours sends you an email asking to lend your
chronometer...
On Thu, September 16, 2010 13:28, Martin Gregorie wrote:
On Thu, 2010-09-16 at 07:28 +0200, Per Jessen wrote:
http://public.jessen.ch/files/mazeweb-spam.jpeg
A cynic might wonder whether it also harvests valid e-mail addresses.
Appears to be a perfectly reputable service to me... what makes
On Tue, September 14, 2010 09:41, Hans-Werner Friedemann wrote:
Hi @ all
i want to achieve a kind of auto-mass-import of eml-Files with sa-learn.
The SPAM and HAM mails will be saved in different folders.
Is it possible that sa-learn looks ervery 15 Minutes in these folders
and imports
all
50 matches
Mail list logo