Time to update your amazon abuse filters! I was surprised to see I got
spam again from amazon. They have changed their reverse lookups. I guess
there were quite a few 'blacklists' using amazonses.com. Good to see
blacklisting bigger organizations still works.
smtp-out.eu-west-1.amazonses.156
I was wondering if there is a flow chart available of how spamassassin
is processing messages by default?
>> with HTTPS (ZuckMail)
WTF this guy is mental
https://www.zerohedge.com/news/2018-03-25/dumb-f-ks-julian-assange-reminds-us-what-mark-zuckerberg-thinks-facebook-users
-Original Message-
From: @lbutlr [mailto:krem...@kreme.com]
Sent: zondag 6 december 2020 7:42
To:
I see secureserver.net and sendgrid.net, of course it gets flagged. I am
constantly harassed by these networks. I would not recommend using
secureserver.net, I think those servers are easy to hack, otherwise I
would not even know this network.
-Original Message-
From: Daryl Rose
Url blacklists? Maybe paste some headers here?
-Original Message-
To: users@spamassassin.apache.org
Subject: contact from blacklist
Hi everyone,
lately I get more and more spam from so called contact forms.
Does anyone know a blacklist for this?
Kind regards
Philipp
--
Philipp
Thanks for the update! Although I am not really an advocate for blocking
people.
-Original Message-
To: users@spamassassin.apache.org
Subject: Re: What can one do abut outlook.com?
On 26/10/20 5:17 am, Marc Roos wrote:
>> make a reality check outside your small bubble!
>
> so you want your own messages blocked everywhere?
I do not know yet. I can assume this different on something like a
mailing list. It is irritating that the From has a credible name, in
this case from a bank.
I had a phishing mail skip my spf check. The spf check was done on the
Return-Path and not the From:. Is a default convention? How does
spamassassin treat a different Return-Path and From in a message?
>> That is why it is important to read and use the brain, otherwise you
>> wander of the subject.
>waht do *you* know about brain when you don't realize that it's simply
>not doable to fight against spam by fight against large providers as
>outlook.com?
Because I understand eg there is a
of their (relatively few) unwelcome customers, you're
throwing the baby out with the bathwater.
--
John
On 2020-10-25 18:48, Marc Roos wrote:
Are you guys working for Google or Amazon or so? Maybe I
should give
something simple analogy so
> The problem with your analogy is that you are not just interacting
with one unwelcome neighbour with a defective washing machine,
> but with dozens of neighbours whose washing machines work perfectly
but who happen to share the same plumber as the unwelcome one.
I think you prove
> make a reality check outside your small bubble!
typical low iq response. I was already discussing the validity of these
soccerplayer contracts before they had to change the system.
> when you have millions of customers you can do whatever you want all
day long and you are
> simply not
I have been looking into exactly the same, don't know how I am going to
implement it still. What I know for now.
This is how you can get info on a netblock owner.
[@]$ dig +short -t txt 80.53.103.176.origin.asn.cymru.com
'48031 | 176.103.48.0/20 | UA | ripencc | 2011-12-09'
You can then
Are you guys working for Google or Amazon or so? Maybe I should give
something simple analogy so you understand.
If your neighbours washing machine breaks down, and causes you water
damage. They have to pay for cleaning up de mess they created in your
apartment. If the neighbour spills oil
> all huge mail providers with thousands/millions of customers, so there
> is no wonder there is spam included.
Google, Amazon and Microsoft have billions of cash. It is indeed a
wonder how they are not spending it on outgoing mail detection.
> mail services to a mono-culture of single
>
>
>
>> :D I thought I could query the blacklists from the command line with
>> dig
>> or so
>
>You can, at least in principle, but it would not be a single command
or
>a well-defined small set of commands if you don't have SA installed
and
>want to know the SA penalty of an URI
> and why just don't you?
I have no idea what the default ones are. Also don't know exactly the
syntax, especially when slashes are included and if hashes are used or
so.
2020, at 13:35, Marc Roos wrote:
> What is the best way to check an url against the default active
> spamassassin uribl, on a linux server that does not have spamassassin
> installed?
This is clearly in the "how do I do a thing while imposing conditions
that make impossibl
What is the best way to check an url against the default active
spamassassin uribl, on a linux server that does not have spamassassin
installed?
> I am the one who is a client of sendgrid. Before subscribing to their
service (with low volume it is free)
> many of my messages were rejected. They provide legitimacy.
So the problem here is actually that a spammer whines about being
spammed? :D But this does confirm my idea that one
>
>
>I guess you are confused by my message and I am confused by yours.
Allow me to clarify.
Oops, did not notice jpg attachment. Better to post just text.
>I have 3 lines of defense and the 2 main ones have failed. The SPAM
messages are
> undetected. You tell me that the best way is to
Very unclear problem description. First of al if you mark spam the
sender knows it is being received (and does not even know the message
has been marked). Thus the best way to treat spam, is rejecting it.
So without any other info. Start rejecting messages instead of accepting
them.
Start
Thanks for the asn tip! There is even a dns service that offers the asn
lookup. This is what I found, maybe there are more.
[@]$ dig +short -t txt 80.53.103.176.origin.asn.cymru.com
"48031 | 176.103.48.0/20 | UA | ripencc | 2011-12-09"
-Original Message-
To:
(sorry now with subject)
How can I mark emails as being spam originating from an ip range owned
by xserver.ua?
% Abuse contact for '176.103.48.0 - 176.103.63.255' is
'ab...@xserver.ua'
inetnum:176.103.48.0 - 176.103.63.255
netname:XServer-IP-Network-6
country:UA
How can I mark emails as being spam originating from an ip range owned
by xserver.ua?
% Abuse contact for '176.103.48.0 - 176.103.63.255' is
'ab...@xserver.ua'
inetnum:176.103.48.0 - 176.103.63.255
netname:XServer-IP-Network-6
country:UA
org:
> My client is massively invested in AWS with many servers, databases,
and services unrelated to mail.
> Moving to another platform is not an option.
Ever heard of a smart host? (Or at least that is what it is called with
sendmail). First think and then do, you do not have to move
> I don't doubt what you are saying. But if AWS is so horrible and
across the board everyone thinks
> anything coming from it is spam, SA isn't flagging it, and
mail-tester.com isn't flagging it,
> and both have pretty extensive blacklist references (??). I'm still
confused.
Because they
> I'm hosting on AWS. So the recommendation was to proxy my outbound
mail through AWS's SES server so it :?
> appeared that the mail came from 'trusted' Amazon.
Ehhh, amazon cloud messages are flagged by us as spam, and some ranges
are even blocked. I would try get a dedicated ip address if
But now it is Sendgrid tomorrow it is some other company, fact is were
stuck with this trend of spammers outsourcing their spam trying to mix
it with legitimate email.
Legitimate clients are not aware of this and use these companies because
of whatever ill advised reason. I am thinking
For what it is worth. I was always under the impression that most of
those companies that are using these networks known for 'harassing'
where just ignorant. I used to do business with the 'idiots' of
Tucows/opensrs, trying to explain to them that it is not really wise to
send password reset
So ask spiceworks to use a different supplier or use their own range
that is not being abused by others. Complain to spiceworks, they should
solve this problem for you. Don't do their work, unless they pay you to.
-Original Message-
To: users@spamassassin.apache.org
Subject: Why is
You should use spf for this. Except for the fact that at dhl they are to
dumb to know what servers they are using.
-Original Message-
From: Martin Gregorie [mailto:mar...@gregorie.org]
Sent: maandag 24 augustus 2020 20:25
To: micah anderson; users@spamassassin.apache.org
Subject:
> Very disappointed with sendgrid's fall from grace.
I saw once some video about angel investment, where some guy says
something like "get the money as fast as possible from your clients
pocket into yours". I would say there is little grace to be found.
> Their phishing/spam/malware and
>> you will be able to change 1 byte in the code and get the previous
rule names.
This sounds to me like putting somewhere the character 0 or 1, which
means that blacklist and whitelist words are still defined somewhere in
the code. Is that not what started the discussion?
But none the less,
>> I do wish that the handful of loud, non-contributors who have so
>> much to say about someone else’s project would shut up and fork it,
TBH.
Is that not a lot like, this is my toilet it is only for white people,
please
build your own somewhere else, you are free to do so?
> This is not a tiny change. I had hoped it would be, which is why I
supported it
> in the initial PMC vote, but it's becoming clear to me I was overly
optimistic.
Wait until you have to vote on the use of the word welcomelist.
Preferring English to other languages could be seen as
> I’m going to follow that other dude’s lead and start donating to
> Portland bail funds in your names each time you post. :)
Do know that is identity theft and a crime. Please post proof of your
action on this list.
> I really don't get why anyone would be offended by blacklistd and
whitelist
> given neither have any sort of connection to race or skin color.
That is because you have a proper logically functioning brain. Which
makes you
even part of a minority group. Hence you can look forward to
>> Oh my god, you snowflakes, please just get over yourselves.
The term "snowflake generation" was one of Collins English Dictionary's
2016 words of the year. Collins defines the term as "the young adults of
the 2010s, viewed as being less resilient and more prone to taking
offence than
> There’s only like 4 of you, you can do this with a cc: list.
4? If you don't get your facts straight, there is little to no value to
other things you write.
> I hear that the old RMA resistor color code is under attack as it is
exceptionally discriminatory.
> As you may or may not know black is the lowest value 0, brown is only
1, Red is 2. This
:D
>> You go shut your piehole
Ehhh, who exactly? Having a nice evening with a vodka bottle? ;)
> I'm a bit suspicious about some of the speedup figures quoted, and
whether rspamd was tested
> against an optimized and similarly parameterized SA. It's very easy to
make SA look bad.
I agree. I have even asked on the mailing list how many test rspamd does
and how I can configure it to
What is being used for mail that is not welcome, but still needs to be
allowed thru?
-Original Message-
To: users@spamassassin.apache.org
Subject: Re: IMPORTANT NOTICE: Rules referencing WHITELIST or BLACKLIST
in process of being Renamed
can we use something like that or is there
What about mailfromd? I have this. I am really surprised it is not in
default repo's. I also looked at rspamd, but I have a bit of a problem
with these thousands of lines of config. Also their approach towards
stats/graphics is 'old fashioned', who is programming that when you have
tools
>> It's amazing how SOME Americans are quick to jump on bandwagons
If you get older you will realize that this typical behaviour of an
average person, and you will only notice this if your thinking is above
average. Sad thing, having a system where the average person rules, one
can only
Have you looked at this rspamd? That has configuration file of 3000
lines and is sort all-inclusive solution. I think it performs quite
well.
-Original Message-
To: users@spamassassin.apache.org
Subject: Re: Thanks to Guardian Digital & LinuxSecurity for the nice
post about
You are a racist when you are not treating people equal on the basis of
the skin colour (or check definition in dictionary). Therefore anyone
associating people of darker colour with blacklist and lighter colour
with whitelist and associate this with in-equal treatment, is a racist.
No one
Blacklist all and just whitelist email addresses you want to receive
from.
-Original Message-
From: Pedro David Marco [mailto:pedrod_ma...@yahoo.com]
Sent: donderdag 16 juli 2020 9:18
To: Users
Subject: Detecting SendGrid shared IPs
Is there any way to know whether a Sendgrid IP
> We do you the courtesy of speaking English, so please do us the
courtesy of not bullying us about
> what you consider permissible or racially charged.
That is our own fault also. I have been trying to get funding for a
project to counter some US monopoly, but we have here just cheap/greedy
...@gregorie.org
Cc: Rupert Gallagher; Marc Roos; Dave Goodrich; SA Mailing list
Subject: Re: IMPORTANT NOTICE FOR PEOPLE RUNNING TRUNK re: [Bug 7826]
Improve language around whitelist/blacklist and master/slave
I would posit that the 1962 date is rooted as much in the US Civil
Rights movement
> Yeah, allow/deny is more logical but using them requires all acronyms
to change.
> After some trial and error, we dialed in the changes to welcome and
block which
> also keeps other terminology like RBL, DNSBL, WLBL, etc. consistent
> so there is less upheaval.
I associate BL with
> I like the change from whitelist/blacklist to allowlist/blocklist
because it is more descriptive.
Allow/deny list sounds more logical.
> Please Marc, stick to technical merit for your argument.
There is no technical discussion here afaik.
> Getting nasty does not solve technical problems, which we have here.
Attacks are not
> going to solve anything. Rational arguments may not. But, they should
be made just the same.
> To you and others spouting off, be reminded that this is a publicly
archived mailing list and you
> will be on the wrong side of history. Consider that when you post.
You must be feeling like a king in your little PMC? Who are you to judge
whom is on the wrong side of history. No wonder
It looks to me, like nobody is taking time to think. Just telling
someone to fork code is rediculous and shows contempt for users. If
something is opensource it does not mean you can act without any
obligations, that is naïve perspective.
If you decide to bring a kids soccer team for free to
> I never said it was being done for engineering reasons. The change is
> being done to remove racially-charged language from Apache
> SpamAssassin. As an open source project, we are part of a movement
> built on a foundation of inclusion that has changed how computing is
> done. The
> I could not resist to take a quick peek. ;-) I think I saw a message I
did not receive myself.
> But at least one message is still missing. I will look into it.
Maybe you blacklisted some guy? ;)
> > Am 11.07.20 um 01:56 schrieb RW:
> > > I thought most ISPs had outsourced or given-up on email.
> >
> > why should someone with a brain outsource anything?
>
> I don't know, why do you outsource?
>
> > > ISP email has IMO always been a way of locking-in gullible
> > > customers.
The
> I don't see a problem since blacklist/whitelist are terms the computer
industry
> just grabbed from hotel reservation desks or some place like that.
It's not
> going to stop their use by the general public of course.
I think you can go a bit further, like 1000 BC in chinese culture yin
- The following addresses had permanent fatal errors -
(reason: 553 5.1.8 ... Domain of sender
address x...@f1-outsourcing.eu does not exist)
I think netfence.it is not really doing a good job ;)
>On 2020-07-11 00:32, Mark London wrote:
>> Spamassassin is not alone.
>
>Quote:
>"If a lot of people believe in something stupid, it just doesn't stop
being stupid".
But in a democracy you will have a problem with this.
Pf, twitter, microsoft, oracle all billion dollar companies only
removing some words The news is full of black minorities having
higher risk of death in coronavirus. Unemployment is highest amongst
ethnic minorities. And these companies are only concerned filling their
pockets,
Yes, as of now we don't write apache but ehcapa. If we write every word
in reverse nobody has anything to complain any more. So everyone
continuing this thread. Please pay you respect to past generations, and
write ehcapa, tsiletihw, tsilkcalb etc!!!
-Original Message-
Subject:
Hey Pedro, I don't know for sure, I do not want to create a new problem,
but this yahoo, was this word not used during the railroad building to
encourage and push slaves to work harder? Would you mind using different
email address?
-Original Message-
Subject: Re: IMPORTANT NOTICE
You can add rspamd they have all inclusive soluation and they do not
even like if you want to customize the 3000 line counting configuration
file to do just one check.
-Original Message-
From: Matthew Broadhead [mailto:matthew.broadh...@nbmlaw.co.uk]
Sent: vrijdag 10 juli 2020
>> Good day Guys
You are being a tad discriminative, by assuming there are no ladies
reading these messages. Which is highly inappropriate for the current
thread. ;)
There was someone from akamai asking something similar on the openssl
mailing list. I told him to have a look at the composition of the akamai
executive team. I would recommend not redoing the converstation and
leaving this discussion for others to finish. FWIW this type of change
was
>> They definately do. I report to them and they do take them down
pretty quickly.
Make sure you get paid for doing this every time. Because you are doing
the work that they should be doing.
Not much yet, I got this one[1]. But I am having this check as one of
the last. Most connections are already failing with 'Possibly forged
hostname'
[1]
Jul 1 01:08:45 spam1 sendmail[19193]: 05UN8fHL019193: Milter:
from=, reject=550 5.7.1 Rejected
feedb...@service.alibaba.com SPAM
I am going to make for companies like maildrop and sendgrid a hard block
with reference to a page where someone can ask to be whitelisted with
only an email address. In this procedure clearly stating the reason of
the net block of these companies. If lots of sendgrid users are
confronted
What would be the best practice to whitelist / not process, messages
that have already been processed by a previous milter.
Maybe set a message header and whitelist on this message header?
I am also thinking about using it, and maybe creating my own ebl
whitelist. Asked on the old fashioned sendmail newsgroup (cannot even
search it), but they expect me learn this m4 language. I assume in this
era I am not the first trying to use this, anyone like to share these
few lines?
>
> bullshit - your crap idea is sending active messages and that's not a
> NDR and always wrong in case of fighting spam
When my mta generates an 554 5.7.1, my server does not even have the
senders
email address at that time. So it is impossible to send 'active
messages'
(what ever
Hi Jesse, what do you think of my point of view?
>
>
> - you are placing the burden of reducing the spam in your system on
all
> the non-spam-sending users who wish to communicate with your users.
If people want to have their free email, why not let them know about
that
their provider
Hi Alex thanks for the on topic response. Bare with my thoughts.
>
> - arbitrary valid email addresses are used as sender address by
spammers
> to avoid being blocking as unknown sender. Whenever one of your users
> gets a spam mail, some innocent unknown user gets the "click on the
@spamassassin.apache.org
Subject: Re: handling spam from gmail.
On 11.06.20 11:04, Marc Roos wrote:
>I have got lots of shit coming from *.google.com like these:
>Received: from spam1.x.xxx ([212.26.193.45]) by .xx.xx with
>Microsoft SMTPSVC(6.0.3790.4675);
>Thu, 30
I have got lots of shit coming from *.google.com like these:
Microsoft Mail Internet Headers Version 2.0
Received: from spam1.x.xxx ([212.26.193.45]) by .xx.xx with
Microsoft SMTPSVC(6.0.3790.4675);
Thu, 30 Apr 2020 02:35:01 +0200
Received: from mail-wm1-f66.google.com
I am sick of this gmail spam. Does anyone know a solution where I can do
something like this:
1. received email from adcpni...@gmail.com
2. system recognizes this email address has been 'whitelisted', continue
with 7.
3. system recognizes as this email never been seen before
4. auto reply
Nothing new, started with the amazon abuse cloud.
Just put something in your mta like this for sendmail
connect:compute-1.amazonaws.com ERROR: "Use your providers outgoing
(smtp) server"
Only recently I have noticed that they are changing reverse dns lookups
to their clients, with the
What you can do is put in your sendmail access
connect:mailchimp.com ERROR "SPAM"
This refuses any connection of ip addresses with a reverse lookup having
*.mailchimp.com
-Original Message-
Sent: 11 March 2020 00:15
To: users@spamassassin.apache.org
Subject: How to block
Can you post the message header?
-Original Message-
From: Daryl Rose [mailto:rosed...@gmail.com]
Sent: 11 March 2020 00:15
To: users@spamassassin.apache.org
Subject: How to block chimpmail emails?
I receive several marking emails from chimpmail. I've tried adding the
from email
Use ipset, hardly causing any latency using 50k entries.
-Original Message-
From: Benny Pedersen [mailto:m...@junc.eu]
Sent: 03 March 2020 15:39
To: users@spamassassin.apache.org
Subject: Re: Question on early detection for relay spam
Riccardo Alfieri skrev den 2020-03-03 14:53:
#
>I know this is probably off topic but I'm getting desperate enough to
ask.
No problem I would say, it is good exchange thoughts and idea's
>I run a commercial mailserver that regularly seems to have spammers
>relay mail through it that have obtained stolen credentials for a
user.
>
You should maintain also your own rbl with soft and hard blocking of ip
ranges. Problem with only marking emails is, is that the spam network is
not 'learning' that their emails are being blocked.
-Original Message-
To: users@spamassassin.apache.org
Subject: From Spoofed
Hey
How to mark all messages from *hostwindsdns.com server?
192.236.198.0
192.236.198.1
192.236.198.2 client-192-236-198-2.hostwindsdns.com.
192.236.198.3 client-192-236-198-3.hostwindsdns.com.
192.236.198.4 client-192-236-198-4.hostwindsdns.com.
192.236.198.5
What options are available to 'unmark' a spam message. I have some
frontend servers that are marking mail from eg. mailchimp as spam. But
some users want to unmark a newsletter email or so.
Maybe some solution that works with roundcube and managesieve?
87 matches
Mail list logo
