in a country
where we might be looking for work!)
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
* Official port maintainer for FreeBSD port of SpamAssassin
http://www.freebsd.org/cgi/ports.cgi?query=scheidellstype=maintainer
http://www.freebsd.org/cgi/ports.cgi?query=scheidellstype
.
http://spamassassin.1065346.n5.nabble.com/FROM-12LTRDOM-high-scored-remove-td100710.html
this is the url that hits hex
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion
.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best Email Security Product
* Certified SNORT Integrator
of that number has
manually blacklisted you and your network :-(
oh, and you can't get past AOL's rate limiting unless you do sign up.
So, it works exactly as AOL designed it.
ESP's who listwash and don't want to disable spamming clients can't get
on AOL's good list
--
Michael Scheidell, CTO
o
for 'perl+get_tag'
what version of perl? something somewhat modern? 5.10+?
install all the missing modules and restart spamd/mia
--Richard
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best
.webme.com.287INA62.116.130.62
ns2.webme.com.287INA62.116.162.62
and it is a valid tld:
http://en.wikipedia.org/wiki/.gg
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
unsubscribe from their marketing newsletter, that is the best way
to tell the spammer/sender to find a more RFC compliant, more reliable
email marketing company or program.
of, just whitelist that person
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security
On 6/9/12 8:24 AM, haman...@t-online.de wrote:
Michael Scheidell wrote:
HS_INDEX_PARAM: tell them not to use web bugs in their marketing emails
Hi Michael,
since we are sending out newsletters (to people who really subscribed:) and I
got
the role to be my own email marketing company, I want
?
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best Email Security Product
* Certified SNORT Integrator
patches backported from 3.4.
have you ever done a slave port? even a local one? (look at
japanese/p5-Mail-SpamAssassin for example of slave port)
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
performance impact?
- Julian
don't know, we always used WITH_PERL_MALLOC so I never tested it without.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot
-SpamAssassin-devel out.
visit here and ping them:
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6689
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
p5-Mail-SpamAssassin-3.3.2_6.
--
Michael Scheidell, CTO
|SECNAP Network Security
-Original message-
From: Julian Yap julianok...@gmail.com
To: Michael Scheidell michael.scheid...@secnap.com
Cc: users@spamassassin.apache.org users@spamassassin.apache.org
Sent: Wed, Apr 11, 2012 00:35:04
are working on.
so, anyone want to follow the FreeBSD ports/p5-Mail-SpamAssassin-devel?
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist
On 4/4/12 10:01 AM, Michael Scheidell wrote:
so, anyone want to follow the FreeBSD ports/p5-Mail-SpamAssassin-devel?
ok, so I am an idiot. I can't find Mail-SpamAssassin-3.4.0.tar.gz, and
the nightly build link on http://spamassassin.apache.org/downloads.cgi
points nowhere
some
time now.
correct, both of you.
previously, you needed to sign up, accept their TOS. (which allows them
to spam you),
all OT subjects aside, my issue is the 'sfh' (spam for hire) credits in
SA. and the autolearn tflags.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP
information is important might not be apparent to you. If it was,
you might have solved the problem yourself.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
as if they are 'clean' email.
So, email like this sent from other sources will eventually come in as
'clean', due to Bayesian credits.
I would like to consider tflags for all 'spam for hire' scores be
changed to net nice noautolearn
this way, at least you aren't adding insult to injury.
--
Michael
or not.
I am talking about the whole RP/IADB group of rules in general.
Some human being decided on the -3.0 score.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
is the runaround.
if this rule is truly CERTIFIED not to spam, then they had better review
us federal laws, and make this company conform.
http://pastebin.com/K0r29v6F
(even pastebin thought this was spam and made me type in chars to prove
I wasn't a robot/zombot)
--
Michael Scheidell, CTO
o: 561-999
have
submitted close to a dozen via spamassassin -r text.file
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best Email
Sorry for bothering you guys.
Found answer to my question:
Cool.. this should be part of the stock SA rules
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best Email Security Product
* Certified SNORT Integrator
installed.
third, since you are running amavisd-new, you should run as the amavisd user
su - vscan -c 'spamassassin -L -t -c dumptext spammail ' /dev/null
?
forth, amavisd-new adds,subtracts points, so this won't really be a
valid test.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948
the headers, and the body, even changing the actual
encoding.
so, what would you manually learn?
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company
day, just use bind and root zones.
if you want information on how to fix bind, then you need the bind
faq/man page/news group.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion
-malware plugins that
surfs to every url in any inbound email?
(or some forwarder recipient decides to click on of the links)
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion
score SPF_NONE1
score of zero? or 1?
regards,
kAM
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best Email
INA69.9.186.104
;; Query time: 117 msec
;; SERVER: 10.70.1.2#53(10.70.1.2)
;; WHEN: Sun Mar 18 09:54:41 2012
;; MSG SIZE rcvd: 208
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best
anything about 9_axb_fraud.cf
what kind of data do you need?
enjoy...
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best
, restart spamd, amavisd new, reload amavisd.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best Email Security Product
* Certified
)
grep AXB_X_AOL_SEZ_S *
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best Email Security Product
* Certified SNORT Integrator
...@apache.org
Name Server:NS2.SURFNET.NL
Name Server:NS3.NO-IP.COM
Name Server:NS2.NO-IP.COM
Name Server:NS1.NO-IP.COM
Name Server:NS4.NO-IP.COM
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best
Redundancy.
No-IP deploys nameservers across the globe to ensure 100% DNS uptime. No
one DNS server is at the same data center or utilizes the same Internet
connectivity. With 5 nameservers in addition to your nameserver DNS will
ALWAYS resolve!
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561
On 3/2/12 11:36 AM, Benny Pedersen wrote:
just a note to whom it might concern :)
phisting?
OUCH.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot
, use 'random' ip addresses on zombot
networks.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best Email Security Product
On 2/22/12 7:36 AM, Antonio GutiƩrrez Mayoral wrote:
I have checked with spamassassin --lint the config and restart spamd.
I am still seeing AWL triggered on the amavis log:
and, you don't use spamd with amavisd-new.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP
On 2/22/12 8:17 AM, Antonio GutiƩrrez Mayoral wrote:
Oh, thank you! I though that restarting spamd was sufficient.
you don't run spamd at all with amavisd-new. just wasting ram/cpu/swap.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
score, would you have marked those
emails as spam? if answer is yes, disable AWL.
also, since you are using amavisd-new, you might want to ask specific
(non AWL) questions on their mailing list about backscatter. they have
a solution that might work better than AWL.
--
Michael Scheidell, CTO
://wiki.apache.org/spamassassin/AutoWhitelist
Previous version implementation
In 3.3, the plugin is not loaded by default.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best Email Security Product
* Certified SNORT Integrator
system, use the mysql dbi, with innodb engine. less
likely to corrupt.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best
guessing:
Received: from G9W0725.americas.hpqcorp.net ([169.254.8.28]) by
You have a microsoft cluster, where microsoft thought it would be a good
idea to use 169.254.0.0/16 ip addresses?)
Bring this up with microsoft, have them 'fix' this.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561
(no, not snmp, MIB, MIKE IN a BOX).
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best Email Security Product
* Certified
On 1/16/12 9:36 AM, Linda Walsh wrote:
This is not permission problem --
Message I get:
have you tried to upgrade to the released version? 3.3.2?
3.0.2 was obsolete 6 years ago.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best
address reference: scheid...@freebsd.org)
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best Email Security Product
20_vbounce.cf
-rw-r--r-- 0 updatesd dns 2549 Jan 11 22:11 23_bayes.cf
-rw-r--r-- 0 updatesd dns 1544 Jan 11 22:11 25_accessdb.cf
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion
don't have the current version of spamassassin then your
sa-update channel will be older. (case in point)
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot
On 1/8/12 9:52 PM, email builder wrote:
rpm -e --nodeps perl-IO-Socket-INET6
By the way, is there a way to grep for the errant code? My
feeble attempt didn't turn up much:
as in one of my previous emails:
'locate IO-Socket-INET6'
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
On 1/9/12 6:25 AM, Michael Scheidell wrote:
On 1/8/12 9:52 PM, email builder wrote:
rpm -e --nodeps perl-IO-Socket-INET6
By the way, is there a way to grep for the errant code? My
feeble attempt didn't turn up much:
as in one of my previous emails:
'locate IO-Socket-INET6'
locate INET6
of the FreeBSD version of sa, and running
one of the mirrors:
We use stock sa-update channel, and (local) custom rules, lots of meta
rules.
#1 priority: keep your version of sa updated, because new(er) rules and
tests are only added, or are added first to current/stable version.
--
Michael
unless the system was compiled with INET6 in the kernel.
ymmv,
Did I mention that we were not able to reproduce this in the lab? and up
till then, no other client had a problem?
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile
, but don't update it, it might now help.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best Email Security Product
* Certified
the installation, and also under usr/pkg/share, and they
are both populated with files which look relevant.
I tweaked the script so as not to require rules, and it ran and
produced output.
utweak. you need rules.
NetBSD 4.01, working as root. What is amiss?
--
Michael Scheidell, CTO
o: 561
patch-bug6698
Date: Mon, 26 Dec 2011 18:14:37 +
From: Michael Scheidell scheid...@freebsd.org
To: ports-committ...@freebsd.org, cvs-po...@freebsd.org,
cvs-...@freebsd.org
scheidell2011-12-26 18:14:37 UTC
FreeBSD ports repository
Modified files:
mail/p5-Mail-SpamAssassin
, yes, this would be a bug in 3.4 if released, but only shows up
under one certain condition)
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company
I am going to update the original bug with patch.
Ill have mark look at it first.
--
Michael Scheidell, CTO
SECNAP Network Security
-Original message-
From: dar...@chaosreigns.com dar...@chaosreigns.com
To: Michael Scheidell michael.scheid...@secnap.com
Cc: users
for spam blocking.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best Email Security Product
* Certified SNORT Integrator
the bandwidth
and cpu cycles from the largest abusers.
Regards,
KAM
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best Email
be relayed through our servers, not theirs), but it
would raise our cost by 65%.
so, who really cares about netsuite.com them selves.. they are just a
CRM. send complaints to abuse@ and see what happens.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security
already been
included
netset: cannot include 0:0:0:0:0:0:0:1/128 as it has already been
included*
it means that the ipv6 localhost address has already been included.
Ignore this, these are not the droids you are looking for.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP
On 12/9/11 7:58 AM, Ram wrote:
If I want to mark *all* invite mails as spam
linkedin, WAYN , facebook , google+ or anything else.
Is there a global way of doing this
copy the rule that marks all phishing emails as spam, and change
'phishing' to 'invites'
--
Michael Scheidell, CTO
o
On 12/1/11 10:06 AM, Benny Pedersen wrote:
does not make sense so
hire a unix programmer to help you understand.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
bulk, and has lots of 'cruft' in it, by the time he has
gotten it forwarded to him by 20 people.
did you want it? no.
is it COMMERCIAL? no.
is it SPAM?
heck yes, I didn't want it :-)
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile
that into 3.4.0? won't hurt
anything, will it?)
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best Email Security Product
On Wed, 30 Nov 2011 08:23:59 -0500, Michael Scheidell wrote:
sed -i '' -e '/INSERT INTO bayes_seen/s/INTO/IGNORE INTO/' MySQL.pm
(hey SA folks.. any reason not to just put that into 3.4.0? won't
hurt anything, will it?)
or simply just
ALTER TABLE `bayes_seen` ENGINE = INNODB
is available on Freebsd. Other distributions do
not all include updated dcc source due to the licensing issue, but it is
available on their web site.
Happy SpamHunting.
ps, if you have any problems with the Freebsd SA update, email me. I am
the ports maintainer for the Freebsd SA port.
--
Michael
addresses that you
haven't replied to for, say, a month but that is about all you can
delete.
sounds like amavisd-new 'penpals'.
(sliding credit score starting at -100, counting down to 0 for your time
period..).
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network
like amavisd-new penpals.
what about if your message was stored in a folder of your
correspondent, his machine is infected by a virus, and this virus
sends fake replies using your message id ? I've seen cases like that
in the past.
you can't whitelist a virus in amavisd-new.
--
Michael
On 11/24/11 3:30 PM, Martin Hepworth wrote
Rfc 5321 says I can discard if I have high confidence it's rubbish !
--
Martin
I wonder what the rfc's say about helo line not matching dns:
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
--
Michael Scheidell, CTO
o: 561
, to keep me from complaining, was a
link like twitter had: 'report this as abuse', AND, 'I never want to
hear from linked in about anything, ever again', and for US CAN-SPAM
compliance, the full, physical address of the spammer.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP
RCVD_IN_DNSWL_HI nice net noautolearn
tflags RCVD_IN_DNSWL_HI net nice noautolearn
tflags RCVD_IN_DNSWL_MED net nice noautolearn
tflags RCVD_IN_DNSWL_LOW net nice noautolearn
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions
/address
http://www.chaosreigns.com/dnswl/sa_plugin/
And I have my own IP reputation project that could use your data:
http://www.chaosreigns.com/iprep/
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
On 10/11/11 1:47 PM, John Hardin wrote:
Yahoo is in RCVD_IN_DNSWL_HI ?!?! YGBFKM!
there goes the neighborhood.
I am removing RCVD_IN_DNSWL_HI checks on our servers right now.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile
in time, you lose email.
best to write a metarule. put your def_ whitelist from (7 points), and
set up some metarules.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention
-rw-r--r-- 1 rsync rsync 236957 Aug 25 23:23 1161446.tar.gz
-rw-r--r-- 1 rsync rsync 236980 Aug 24 23:22 1161015.tar.gz
-rw-r--r-- 1 rsync rsync 236920 Aug 23 23:18 1160585.tar.gz
-rwxr--r-- 1 rsync rsync 237167 Aug 22 23:17 1160145.tar.gz
--
Michael Scheidell, CTO
o: 561-999-5000
d
by adding more status lines, then ask in amavisd-new
group.
again, this is most likely an amavisd.conf issue, so start your question
in the amavisd-new users group. don't assume they read spamassassin group.
some do, some don't.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
expect?
block spanish charset in MTA?
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best Email Security Product
.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best Email Security Product
* Certified SNORT Integrator
a legit forum.
I don't see anything in our larger installations, guess you just must
be blessed :-)
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company
rules? depricated, private rules? take
them out for now.
perl versions? update modules?
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist
this already?
I think postfix has some policy services to do this.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best Email
. (which I think still says that you should
send an NDR if you can't deliver the spam :-)
getting OT here, just ranting this am.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion
.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best Email Security Product
* Certified SNORT Integrator
it into the
official build.
causes a lot of anger, back and forth when this patch is discussed.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company
' with the rest
of the world.
(ok, I don't care if it plays nice with aol/hotmail/etc, you get free
email? you get what you pay for).
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention
: update tmp directory $UPDTmp);
}
elsif (!clean_update_dir($UPDTmp)) {
die channel: attempt to clean update dir failed, aborting;
}
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion
On 8/26/11 4:59 PM, Michael Scheidell wrote:
found a bug in sa-update
bigger bug.. bug is in ../Util.pm.
it will TRY to create a tmpfile on a nonexistant or read only dir,
and anything that trys to use that dir will fail and not know why.
patch to fix included.
--
Michael Scheidell
up, test, QA and make sure
any new mirror is up and running before adding it to the rotation.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company
modern mail
reader can read it.
oh, ps, ms outlook CAN allow you to bottom post.
you just have to move the mouse down below before you post.
(or so I have been told)
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product
MIRRORED.BY or run sa-update --refreshmirrors
now.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best Email Security Product
mirror is back up again.
Thanks,
Michael
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best Email Security Product
On 8/24/11 10:26 AM, Michael Cronenworth wrote:
Michael Scheidell wrote:
pccm mirror is back up again.
Huh?
$ wget daryl.dostech.ca
--2011-08-24 09:25:17-- http://daryl.dostech.ca/
Resolving daryl.dostech.ca... 71.164.246.108
Connecting to daryl.dostech.ca|71.164.246.108|:80...
(hangs
MIRRORED.BY for you, pull a new one, and use it.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best Email Security Product
On 8/24/11 10:37 AM, Michael Cronenworth wrote:
Michael Scheidell wrote:
if you are trying to update this by hand, you are on your own.
just use sa-update (-D to watch)
it will delete MIRRORED.BY for you, pull a new one, and use it.
I *am* using sa-update. sa-update is continuously failing
On 8/24/11 10:46 AM, Michael Cronenworth wrote:
http://www.sa-update.pccc.com/ weight=5
question is... why didn't it pull from pccc.com?
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best
since at least 3am
http: GET http://daryl.dostech.ca/sa-update/asf/1160145.tar.gz request
failed, retrying: 500 Can't connect to daryl.dostech.ca:80 (connect:
timeout): 500 Can't connect to daryl.dostech.ca:80 (connect: timeout)
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
be entered into a DNSBL or two for spamming.
looks like they have to use 68.71.38.2 because
68.71.38.3 is in spamhaus's database:
http://www.mxtoolbox.com/SuperTool.aspx?action=blacklist%3a68.71.38.3
SPAMHAUS: YOU NEED TO DISTANCE YOURSELF FROM SPAMMERS AND NETWORK ABUSERS.
--
Michael Scheidell
the spf dns records wrong.
host -t txt mxtools.com
mxtools.com descriptive text v=spf1 ip4:68.71.38.3 ip4:209.44.121.50 mx ~all
so, what are you suggesting, someone HACKED into mxtools and is sending spam?
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security
On 8/20/11 9:38 AM, Benny Pedersen wrote:
you still did not post the envelope sender :(
one clue rule.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
1 - 100 of 1049 matches
Mail list logo
