EXTRA_MPART_TYPE redux:

2008-03-05 Thread Michael Scheidell
if someone uses 5 as their number. Also, lots of discussion, and 'bugs' in bugzilla suggest adding additional tests to this to try to reduce the FP count. I am using 3.2.4, with sa-update, and haven't really seen anything change on this one. -- Michael Scheidell, CTO Main: 561-999-5000

Re: DKIM and gmail fails

2008-03-03 Thread Michael Scheidell
, rendering Mail::DomainKeys obsolete.)' }, -- Michael Scheidell, CTO |SECNAP Network Security Winner 2008 Network Products Guide Hot Companies FreeBsd SpamAssassin Ports maintainer Charter member, ICSA labs anti-spam consortium

Re: giberish

2008-03-03 Thread Michael Scheidell
Just block anything from 'yahoo' that contains blogspot in it. Even dkim signed email. (yahoo has sent me back 'ignorantgrams' claiming that valid/dkim signed email from yahoo wasn't from yahoo), Grammar detection? Shoot, you would drop 90% of the email from the teenagers. -- Michael

Time to blacklist google.

2008-02-29 Thread Michael Scheidell
2008 23:08:32 -0800 (PST) Message-ID: [EMAIL PROTECTED] -- Michael Scheidell, CTO |SECNAP Network Security Winner 2008 Network Products Guide Hot Companies FreeBsd SpamAssassin Ports maintainer Charter member, ICSA labs anti-spam consortium

Re: Hotmail DCC listed ???

2008-02-26 Thread Michael Scheidell
? -- Michael Scheidell, CTO |SECNAP Network Security Winner 2008 Network Products Guide Hot Companies FreeBsd SpamAssassin Ports maintainer Charter member, ICSA labs anti-spam consortium _ This email has been scanned and certified

Re: HABEAS_ACCREDITED_COI

2008-02-26 Thread Michael Scheidell
least, just account for a high bayes or razor score. score HABEAS_ACCREDITED_COI -1.0 score HABEAS_ACCREDITED_SOI -0.5 score HABEAS_CHECKED 0 -- Michael Scheidell, CTO |SECNAP Network Security Winner 2008 Network Products Guide Hot Companies FreeBsd SpamAssassin Ports maintainer Charter member

Re: google running an open relay?

2008-02-26 Thread Michael Scheidell
don't remember, they aren't around anymore) -- Michael Scheidell, CTO |SECNAP Network Security Winner 2008 Network Products Guide Hot Companies FreeBsd SpamAssassin Ports maintainer Charter member, ICSA labs anti-spam consortium

Re: Hotmail DCC listed ???

2008-02-26 Thread Michael Scheidell
are NOT running sa-update, run it. hotmail changes their servers like boy george changes eye liner. unless you keep up with them, you will get FP's If you can't upgrade, set score to 0. -- Michael Scheidell, CTO Main: 561-999-5000, Office: 561-939-7259 *| *SECNAP Network Security Corporation

Gmail captha broken: was Re: google running an open relay?

2008-02-26 Thread Michael Scheidell
Maybe this is it: (February 25, 2008) Spammers have figured out a way to defeat the Gmail Captcha challenge-response mechanism, which is used to ensure that requests to create new accounts are coming from real people and not from automated programs. Spammers successfully broke the Hotmail

google running an open relay?

2008-02-25 Thread Michael Scheidell
Express 6.00.2900.3138 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198 Return-Path: [EMAIL PROTECTED] -- Michael Scheidell, CTO Main: 561-999-5000, Office: 561-939-7259 *| *SECNAP Network Security Corporation Winner 2008 Technosium hot company award. www.technosium.com/hotcompanies/ http

Re: Low scores

2008-02-24 Thread Michael Scheidell
not seeing them. You using any SARES' rules? If you have the cpu cycles, try that. Also make sure you have latest SpamAssassin and are also running sa-update. If you use sa-compile, make sure you run it every time you update rules. -- Michael Scheidell, CTO |SECNAP Network Security Winner 2008 Network

Calling sambas did you firewall me? was: Pbl.spamhaus.org down?

2008-02-23 Thread Michael Scheidell
Scheidell [EMAIL PROTECTED] Cc: users@spamassassin.apache.org users@spamassassin.apache.org Subject: Re: Pbl.spamhaus.org down? Michael Scheidell wrote: In fact, I found several sites (different networks, not mine) where it doesn't work. (I don't query more than 10,000 per day) Perhaps

Re: Pbl.spamhaus.org down?

2008-02-23 Thread Michael Scheidell
From: SM [EMAIL PROTECTED] Date: Fri, 22 Feb 2008 15:06:23 -0800 To: Michael Scheidell [EMAIL PROTECTED], users@spamassassin.apache.org Subject: Re: Pbl.spamhaus.org down? This is odd. A query to zen.spamhaus.org returned two answers. You don't want to query .zen... Since it is a subzone

Re: Pbl.spamhaus.org down?

2008-02-23 Thread Michael Scheidell
working phone numbers. -- Michael Scheidell, CTO |SECNAP Network Security Winner 2008 Network Products Guide Hot Companies FreeBsd SpamAssassin Ports maintainer Charter member, ICSA labs anti-spam consortium _ This email has been

Re: Pbl.spamhaus.org down?

2008-02-23 Thread Michael Scheidell
From: mouss [EMAIL PROTECTED] Date: Sat, 23 Feb 2008 14:48:04 +0100 Cc: users@spamassassin.apache.org users@spamassassin.apache.org Subject: Re: Pbl.spamhaus.org down? Michael Scheidell wrote: From: Bob Amen [EMAIL PROTECTED] Organization: O'Reilly Media, Inc. Date: Fri, 22 Feb 2008 17

Re: Pbl.spamhaus.org down?

2008-02-23 Thread Michael Scheidell
From: mouss [EMAIL PROTECTED] Date: Sat, 23 Feb 2008 14:48:04 +0100 Cc: users@spamassassin.apache.org users@spamassassin.apache.org Subject: Re: Pbl.spamhaus.org down? Michael Scheidell wrote: From: Bob Amen [EMAIL PROTECTED] Organization: O'Reilly Media, Inc. Date: Fri, 22 Feb 2008 17

Re: Pbl.spamhaus.org down?

2008-02-23 Thread Michael Scheidell
If you don't know what you are talking about, don't prove what an idiot you are. We have more than 100,000 users. We are a commercial service. They don't post the prices. Read the post again. -- Michael Scheidell, CTO |SECNAP Network Security Winner 2008 Network Products Guide Hot Companies

Pbl.spamhaus.org down?

2008-02-22 Thread Michael Scheidell
.pbl.spamhaus.org: No answer If you find it works for you, restart your name server (flush cache) and try again. -- Michael Scheidell, CTO |SECNAP Network Security Winner 2008 Network Products Guide Hot Companies FreeBsd SpamAssassin Ports maintainer Charter member, ICSA labs anti-spam consortium

Re: Pbl.spamhaus.org down?

2008-02-22 Thread Michael Scheidell
SM wrote: At 13:22 22-02-2008, Michael Scheidell wrote: Been down long? 93.244.183.212.pbl.spamhaus.org server ns8.spamhaus.org host 93.244.183.212.pbl.spamhaus.org 194.109.9.7 ;; connection timed out; no servers could be reached scanner# host 93.244.183.212.pbl.spamhaus.org

Re: Pbl.spamhaus.org down?

2008-02-22 Thread Michael Scheidell
-- Michael Scheidell, CTO |SECNAP Network Security Winner 2008 Network Products Guide Hot Companies FreeBsd SpamAssassin Ports maintainer Charter member, ICSA labs anti-spam consortium Works fine for me. Are you sure you weren't blocked? In fact, I found several sites (different networks

Re: [OT] Bogus MX opinions

2008-02-21 Thread Michael Scheidell
is handled by 400 hormel.com.mail8.psmtp.com. Hormel.com is only using 4. I have seen 5 a lot. I didn't check and do statistics on which ones do and which ones don't. -- Michael Scheidell, CTO |SECNAP Network Security Winner 2008 Network Products Guide Hot Companies FreeBsd SpamAssassin Ports

Re: [OT] Bogus MX opinions

2008-02-20 Thread Michael Scheidell
mx 5 (or anyone else) deserve to have their email dropped. Legit clients have 4 tries to get a valid server. Didn't qmail have a problem if it hit a 'dead' primary mx server first? -- Michael Scheidell, CTO |SECNAP Network Security Winner 2008 Network Products Guide Hot Companies FreeBsd

Re: URIBL

2008-02-20 Thread Michael Scheidell
'). But is it maybe a dangerous practice to fight spam? Anyway, does anyone suggest me to use URIBL? Are you looking for a PRE QUEUE blacklist? Or a way to help score SpamAssassin emails? URIBL (I think from spamcop/ironport/cisco) is already included in modern SA builds. -- Michael Scheidell, CTO

Re: [OT] Bogus MX opinions

2008-02-19 Thread Michael Scheidell
From: Francesco Abeni [EMAIL PROTECTED] Date: Tue, 19 Feb 2008 11:55:59 +0100 To: users@spamassassin.apache.org Subject: [OT] Bogus MX opinions Good morning everyone, i'm in charge of reducing SPAM at a customer site. Already have SPAMASSASSIN, sa-update weekly executed. I'd like to

Re: spamassassin on VPS ( fedora 7 ) to scan mails for windows based server

2008-02-18 Thread Michael Scheidell
public ip? No big deal, nat incoming 25 a standalone appliance, scan email, send to windows box on port 26 (config windows to listen to port 26) Only have 1U space available ? Is this a political issue? (ie: RFP says that the anti-spam system must run under windows?) -- Michael Scheidell, CTO |SECNAP

Re: telnet port 783 from external network

2008-02-18 Thread Michael Scheidell
The default is to only bind spamd on localhost. Read the faq, use the man page. It will help you -- Michael Scheidell, CTO |SECNAP Network Security Winner 2008 Network Products Guide Hot Companies _ This email has been

Re: Clearly bogus false positives -- on abuse contact point, no less

2008-02-17 Thread Michael Scheidell
complaints, or requiring you to fill our forms on their web site. Maybe you don't want to 100% block them, but you can look for old RFCI rules and score them higher. -- Michael Scheidell, CTO |SECNAP Network Security Winner 2008 Network Products Guide Hot Companies

Re: pyzor finally dead?

2008-02-13 Thread Michael Scheidell
Use Razor. It's faster, more people use it, (the more you use it the more accurate it is) and it's no longer restricted. -- Michael Scheidell, CTO |SECNAP Network Security Winner 2008 Network Products Guide Hot Companies

Re: Exchange Question - OT

2008-02-05 Thread Michael Scheidell
From: Marc Perkel [EMAIL PROTECTED] Date: Tue, 05 Feb 2008 17:07:02 -0800 To: users@spamassassin.apache.org Subject: Exchange Question - OT Looking for someone who is familiar with exchange. Is there a setting in Exchange (asking for someone else) so that mail to domain.com is routed

Re: x-cr-hashedpuzzle

2008-02-02 Thread Michael Scheidell
and since it is 'expensive' to vend, it would almost eliminate the possibility that it is bulk. One of the fields is the number of recipients, so if you want to eliminate bulk email signed by hashedpuzzle, you could read that value. -- Michael Scheidell, CTO |SECNAP Network Security Winner 2008

x-cr-hashedpuzzle

2008-02-01 Thread Michael Scheidell
do you think? -- Michael Scheidell, CTO Main: 561-999-5000, Office: 561-939-7259 *| *SECNAP Network Security Corporation Winner 2008 Technosium hot company award. www.technosium.com/hotcompanies/ http://www.technosium.com/hotcompanies

Patches for DCC.pm for Commercial Reputation scores

2008-01-06 Thread Michael Scheidell
or supporting anti-spam systems) Eventually, after testing and feedback, I will send these patches to Apache/SpamAssassin group. -- Michael Scheidell, CTO SECNAP Network Security _ This email has been scanned

Re: DOB timeouts?

2008-01-06 Thread Michael Scheidell
bugzilla entry as well since I suspect many people have same problem. -- Michael Scheidell, CTO |SECNAP Network Security Thanks Fletcher _ This email has been scanned and certified safe by SpammerTrap(tm). For Information

Re: DOB timeouts?

2008-01-06 Thread Michael Scheidell
One more thing: email to them, ar.com alices-registery, ANYTHING bounces. Any DNS blacklist provider who is not transparent and accessible needs to stop being used. (example: blocked.secnap.net The rules for use are VERY explicit) and we are VERY easy to get ahold of -- Michael Scheidell

RE: SA 32x build not finding openssl headers on FreeBSD?

2007-12-29 Thread Michael Scheidell
/make.conf THIRD, do a 'make config' from SA ports directory and see if SSL and SPAMC are selected. FOURTH, when you fix it, submit patches (to ports if patches to bsd.openssl.mk) -- Michael Scheidell, CTO SECNAP Network Security Corporation Get Free Security news and alerts in your inbox: http

Sa rule broken, fix with bugzilla id5750 RE: question on reverse DNS

2007-12-29 Thread Michael Scheidell
-Original Message- From: Leonardo Rodrigues Magalhães [mailto:[EMAIL PROTECTED] Sent: Saturday, December 29, 2007 8:02 AM To: spamassassin ML Subject: question on reverse DNS i would like to give some score for messages that came from IP addresses that does not have the

Re: Issue with SpamAssassin (spamc only) over a FreeBSD Jail

2007-12-27 Thread Michael Scheidell
-- Michael Scheidell, CTO |SECNAP Network Security _ This email has been scanned and certified safe by SpammerTrap(tm). For Information please see http://www.spammertrap.com _

TTAB Dismisses Hormel's Petition to Cancel SPAM ARREST Trademark

2007-11-28 Thread Michael Scheidell
[mss: I looked on the list, didn't see this mentioned.. maybe SpamAssassin(tm) can reapply for a registered trademark now.] On Nov. 21, the Trademark Trial and Appeal Board dismissed Hormel Foods Corp.'s petition to cancel the trademark registration owned by Seattle-based Spam Arrest, LLC, for

RE: How do you catch these?

2007-11-25 Thread Michael Scheidell
If not for the -4 score for SA list on this it would have caught it with these other rules: You using any SAREs rules? MANGLED_CIALIS=2.5, SARE_OBFU_CIALIS=1.627, URIBL_BLACK=1.955, URIBL_JP_SURBL=1.501] -- Michael Scheidell, CTO Office: 561-999-5000 x 1259 Direct: 561-939-7259 Real

RE: HAM in Outlook to SA Learn

2007-11-19 Thread Michael Scheidell
the question is what? how to train sa-learn without populating folders or how to get a corpus of 'non spam'? The FAQ's suggest getting emails from your 'sent items' folder. -- Michael Scheidell, CTO Office: 561-999-5000 x 1259 Direct: 561-939-7259 Real time security alerts: http

RE: Spam from whitelisted senders

2007-11-18 Thread Michael Scheidell
Find out why that company sends messy spams. Help them fix it. But, don't whitelist from. you will get forged spam. use the 'received', spf or dkim versions. -- Michael Scheidell, CTO Office: 561-999-5000 x 1259 Direct: 561-939-7259 Real time security alerts: http://www.secnap.com/news

RE: googlepages.com abuse

2007-11-13 Thread Michael Scheidell
to receive email. Change the score to 10 and don't look back. Let their users have their own isolated piece of the spam infected world. -- Michael Scheidell, CTO Office: 561-999-5000 x 1259 Direct: 561-939-7259 Real time security alerts: http://www.secnap.com/news

RE: URICountry not working - any clue?

2007-11-11 Thread Michael Scheidell
We had a similar issue, don't know if it was resolved. (but since this might be an amavisd-new issue, try the amavisd-new mail group) Try adding this to local.cf: add_header all Relay-Country _RELAYCOUNTRY_ -- Michael Scheidell, CTO Office: 561-999-5000 x 1259 Direct: 561-939-7259 Real time

RE: URICountry not working - any clue?

2007-11-11 Thread Michael Scheidell
Matt is right.. Uri country and relay-country not related. Might go over to the amavisd-new groups and ask. If SA sees it and amavisd-new doesn't, then ask in the amavisd group. -- Michael Scheidell, CTO Office: 561-999-5000 x 1259 Direct: 561-939-7259 Real time security alerts: http

RE: Spamassassin SPF error

2007-10-27 Thread Michael Scheidell
you need to read more about SPF. this isn't a SA SPF problem, this is a problem with your understanding of how spf works. did you bother to check to see if the host had a spf helo record? host -t txt ml110a.qnet.com.pe ml110a.qnet.com.pe has no TXT record it doesn't. -- Michael

RE: sa-update Problem with Archive::Tar

2007-10-24 Thread Michael Scheidell
and requires the perl module 'Archive::Tar'. In fact, if you have Archive::Tar, you might check the README for minimum versions. Missing or down rev module could cause the problem -- Michael Scheidell, CTO Office: 561-999-5000 x 1259 Direct: 561-939-7259 Real time security alerts: http

RE: Check $HOME for an ever growing razor-agent.log

2007-10-20 Thread Michael Scheidell
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Friday, October 19, 2007 9:16 PM To: users@spamassassin.apache.org Subject: Re: Check $HOME for an ever growing razor-agent.log -rw--- 1 854 2007-10-20 08:20 server.c103.cloudmark.com.conf

RE: upgrade question

2007-10-18 Thread Michael Scheidell
-Original Message- From: Luis Hernán Otegui [mailto:[EMAIL PROTECTED] Sent: Thursday, October 18, 2007 11:49 AM To: [EMAIL PROTECTED] Cc: users@spamassassin.apache.org Subject: Re: upgrade question Hi, Chuck Well, it all depends on how do you have installed SA, and your

RE: Question about total effective of spamassassin

2007-10-15 Thread Michael Scheidell
3.18 is unsupported. please update to latest versions. -- Michael Scheidell, CTO Office: 561-999-5000 x 1259 Direct: 561-939-7259 Real time security alerts: http://www.secnap.com/news _ This email has been scanned

RE: 8bit encoding in mail header by SpamAssassin

2007-10-13 Thread Michael Scheidell
-Original Message- From: Lars Ippich [mailto:[EMAIL PROTECTED] Sent: Friday, October 12, 2007 11:05 PM To: Mark Martinec Cc: users@spamassassin.apache.org Subject: Re: 8bit encoding in mail header by SpamAssassin This is not a default behaviour, normally such errors in header are

RE: 8bit encoding in mail header by SpamAssassin

2007-10-13 Thread Michael Scheidell
-Original Message- From: Lars Ippich [mailto:[EMAIL PROTECTED] Sent: Saturday, October 13, 2007 10:34 AM To: Michael Scheidell Cc: users@spamassassin.apache.org Subject: Re: 8bit encoding in mail header by SpamAssassin That is what I am here for, because the bad headers seem

RE: 8bit encoding in mail header by SpamAssassin

2007-10-13 Thread Michael Scheidell
-Original Message- From: Lars Ippich [mailto:[EMAIL PROTECTED] Sent: Saturday, October 13, 2007 10:48 AM To: Michael Scheidell Cc: users@spamassassin.apache.org Subject: Re: 8bit encoding in mail header by SpamAssassin Sounds like he created a custom X-Spam header and forgot

RE: ispell

2007-10-07 Thread Michael Scheidell
-Original Message- From: cpayne [mailto:[EMAIL PROTECTED] Sent: Sunday, October 07, 2007 8:17 AM To: SpamAssassin Subject: ispell Guys, Is there a way I could have spamassassin work with ispell or some spell program, and for every misses spell work a 1 point? I think we

RE: ispell

2007-10-07 Thread Michael Scheidell
Well with any dictionary program, you can add customize words. I was just thinking it would be a great tool. Its spamassassin, you can add customized words. If you really insist on this, SA is also open source, go build yourself an ispell plugin.

spammed by an anti-spam company: FW: Webinar: Ferris Research and Commtouch cordially invite you to a Reputation Services Webinar

2007-10-01 Thread Michael Scheidell
, including server-side polymorphic malware -Original Message- From: Stoney Brooks [mailto:[EMAIL PROTECTED] Sent: Monday, October 01, 2007 7:26 PM To: Michael Scheidell Subject: Webinar: Ferris Research and Commtouch cordially invite you to a Reputation Services Webinar Dear

RE: Milter vs. Procmail

2007-09-26 Thread Michael Scheidell
Plug for amavisd: Google for amavisd-new. It can handle per user wblists, policies, quarantining, etc. -- Michael Scheidell, CTO Office: 561-999-5000 x 1259 Direct: 561-939-7259 Real time security alerts: http://www.secnap.com/news

RE: Milter vs. Procmail

2007-09-26 Thread Michael Scheidell
And amavisd uses mysql for wblisting and policy banks. -- Michael Scheidell, CTO Office: 561-999-5000 x 1259 Direct: 561-939-7259 Real time security alerts: http://www.secnap.com/news _ This email has been scanned

RE: Q about mail proxy servers and setups

2007-09-24 Thread Michael Scheidell
-Original Message- From: David B Funk [mailto:[EMAIL PROTECTED] Sent: Monday, September 24, 2007 12:07 AM To: Michael Scheidell Cc: users@spamassassin.apache.org; Amavis-Users Subject: RE: Q about mail proxy servers and setups On Sun, 23 Sep 2007, Michael Scheidell wrote

RE: Marc: use SPF to prevent backscatter? Was RE: [AMaViS-user] Q about mail proxy servers and setups

2007-09-24 Thread Michael Scheidell
If whoever's responsible for the proxy is not able to implement normal recipient validation, I think this makes a good case that they aren't able to keep it running adequately. Its worse, we have to feed it to 'yap' (yet another proxy) and THAT proxy also does no recipient validation, so

Q about mail proxy servers and setups

2007-09-23 Thread Michael Scheidell
contact address on every email from the 'local network'. If you don't put it in there, it breaks some of the things I mentioned above. Anything else I missed? Any solutions other than take the proxy server out and replace it with the SpamAssassin/MTA combo? -- Michael Scheidell, CTO Office: 561

RE: [AMaViS-user] Q about mail proxy servers and setups

2007-09-23 Thread Michael Scheidell
Anyone have an answer that isn't obvious? I already said I can't put it on the proxy. -- Michael Scheidell, CTO Office: 561-999-5000 x 1259 Direct: 561-939-7259 Real time security alerts: http://www.secnap.com/news

RE: Q about mail proxy servers and setups

2007-09-23 Thread Michael Scheidell
that does more than email. Many firewalls 'proxy' the email also, so its not like you can take it out. (oh, turn off Cisco's smtp mail fixup was another thing I found when dealing with odd ball setups) Thanks to everyone who had real answers. -- Michael Scheidell, CTO Office: 561-999-5000 x 1259

Marc: use SPF to prevent backscatter? Was RE: [AMaViS-user] Q about mail proxy servers and setups

2007-09-23 Thread Michael Scheidell
the proxy to at LEAST have a copy of the valid userlist, NOT muck with the headers. MAYBE do its load balancing via bridging rather than store forward. That might fix a lot. But then again, it would be easier to replace the proxy than fix it. -- Michael Scheidell, CTO Office: 561-999-5000 x 1259 Direct

RE: Re: OT: Spamtraps

2007-09-20 Thread Michael Scheidell
Or, better yet, just change the name on the email to lines when you complain to many isp's. They forward those to the spammers who happily add you to their 'known valid email address list'. Also, google for various opt-out pages. You opt out of the wrong page, you know you will get spam. Also,

RE: installing without root permission

2007-09-16 Thread Michael Scheidell
Even though this is not a specific SpamAssassin issue, and should be better addressed with the hosting provider, I would suggest the easiest thing to do would be to find a hosting provider that can sell you a virtual server. -- Michael Scheidell, CTO Office: 561-999-5000 x 1259 Direct: 561-939

RE: List of 600,000 IP addresses of virus infected computers

2007-09-11 Thread Michael Scheidell
. -- Michael Scheidell, CTO SECNAP Network Security Corporation Keep up to date with latest information on IT security: Real time security alerts: http://www.secnap.com/news _ This email has been scanned and certified safe

RE: Handling Spam Surges

2007-09-11 Thread Michael Scheidell
to help SA is disable network tests till its done. Visit the mailing list or FAQ's of the MTA you are using for more help on this. (example: smtp connection limiting, session tarpiting, even some firewall rules to limit concurrent connections might help) -- Michael Scheidell, CTO SECNAP Network

RE: Posioned MX is a bad idea [Was: Email forwarding and RBL trouble]

2007-08-26 Thread Michael Scheidell
-Original Message- From: mouss [mailto:[EMAIL PROTECTED] Sent: Saturday, August 25, 2007 3:52 PM To: users@spamassassin.apache.org Subject: Re: Posioned MX is a bad idea [Was: Email forwarding and RBL trouble] sure, which may lead to the creation of a dedicated blacklist.

RE: Posioned MX is a bad idea [Was: Email forwarding and RBL trouble]

2007-08-26 Thread Michael Scheidell
-Original Message- From: Kai Schaetzl [mailto:[EMAIL PROTECTED] Sent: Sunday, August 26, 2007 12:31 PM To: users@spamassassin.apache.org Subject: Re: Posioned MX is a bad idea [Was: Email forwarding and RBL trouble] Michael Scheidell wrote on Sun, 26 Aug 2007 09:54:16 -0400

Famous spamfighter offline?iecc.com?

2007-08-19 Thread Michael Scheidell
have an end to world poverty and hunger) -- Michael Scheidell, CTO SECNAP Network Security Corporation (561) 999-5000 [EMAIL PROTECTED] http://www.secnap.com/

RE: How do I temporarily disable SpamAssassin?

2007-08-19 Thread Michael Scheidell
. That way you can see how. Maybe, to help SA, you can disable all network tests for a short time (see local.cf) -- Michael Scheidell, CTO SECNAP Network Security Corporation Keep up to date with latest information on IT security: Real time security alerts: http://www.secnap.com/news

RE: prerequisites for SA according to Makefile.PL

2007-08-17 Thread Michael Scheidell
-Original Message- From: Kai Schaetzl [mailto:[EMAIL PROTECTED] Sent: Friday, August 17, 2007 3:31 PM To: users@spamassassin.apache.org Subject: prerequisites for SA according to Makefile.PL I'm installing the prerequisites for SA on a Centos 5 system for the first time and

Dkimproxy mia? Needed for plugin?

2007-08-16 Thread Michael Scheidell
://jason.long.name/dkimproxy/dkimproxy-0.16.tar.gz: Forbidden (yes, I know that's not the latest version) but even the dkimproxy page is down. (except for google cache) -- Michael Scheidell, CTO Join SECNAP at SecureWorld Detroit October 9-10 http://www.secnap.com/events for free and discounted seminar

RE: fake MX records

2007-08-14 Thread Michael Scheidell
-Original Message- From: ram [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 14, 2007 6:07 AM To: users@spamassassin.apache.org Subject: fake MX records http://wiki.apache.org/spamassassin/OtherTricks this page mentions setting up fake MXes Is this method relevant

Freebsd ports update to SA 3.2.3

2007-08-09 Thread Michael Scheidell
. If you are running spamd or amavisd-new, these must be restarted. -- Michael Scheidell, CTO Join SECNAP at SecureWorld Detroit October 9-10 http://www.secnap.com/events for free and discounted seminar tickets _ This email has

RE: hallmark greeting card spam and broken spf records.

2007-08-05 Thread Michael Scheidell
-Original Message- From: Matus UHLAR - fantomas [mailto:[EMAIL PROTECTED] Sent: Saturday, August 04, 2007 4:08 AM To: users@spamassassin.apache.org Subject: Re: hallmark greeting card spam and broken spf records. On Friday 03 August 2007, Michael Scheidell wrote: (yes, spf

hallmark greeting card spam and broken spf records.

2007-08-03 Thread Michael Scheidell
(yes, spf is broken) especially when companies like hallmark, who know they are being used as 'phishing' targets list the whole world as authoritative mail servers. I say damn them all, blacklist hallmark till they at least fix their spf records: (i suspect its the :12 9 )? shb a period? on

RE: hallmark greeting card spam and broken spf records.

2007-08-03 Thread Michael Scheidell
-Original Message- From: McDonald, Dan [mailto:[EMAIL PROTECTED] Sent: Friday, August 03, 2007 2:45 PM To: users@spamassassin.apache.org Subject: Re: hallmark greeting card spam and broken spf records. On Fri, 2007-08-03 at 13:26 -0400, Michael Scheidell wrote: (yes, spf

RE: what happend after 3.1.8?

2007-08-03 Thread Michael Scheidell
to select/deselect any options you may or may not want, then: portupgrade -R p5-Mail-SpamAssassin and wait. -- Michael Scheidell, CTO SECNAP Network Security Corporation Keep up to date with latest information on IT security: Real time security alerts: http://www.secnap.com/news

RE: Please(don't) remove this bozo if you can figure out which he is

2007-08-02 Thread Michael Scheidell
Idiot, at least read the thread before commenting on something a month old. -- Michael Scheidell, CTO SECNAP Network Security Corporation Keep up to date with latest information on IT security: Real time security alerts: http://www.secnap.com/news

SA will segv on forged DomainKeys sig

2007-07-29 Thread Michael Scheidell
]) by GSNJSPT01.galaxy.lan (Postfix) with ESMTP id 82BA9524C26 -- Michael Scheidell, CTO http://www.secnap.com/events for free and discounted seminar tickets _ This email has been scanned and certified safe by SpammerTrap(tm

RE: [AMaViS-user] SA will segv on forged DomainKeys sig

2007-07-29 Thread Michael Scheidell
-Crypt-OpenSSL-Bignum-0.04 drwxr-xr-x 2 root wheel 512 Jul 29 09:13 p5-Crypt-OpenSSL-Random-0.04 I will try to see which one of these fixed it and submit it to jason long as a dependency. If anyone wants to try my sample email, let me know and I'll zip and send it to you. -- Michael

SOLVED: Re: SA/DKIM will segv on forged DomainKeys sig

2007-07-29 Thread Michael Scheidell
This version of Crypt-OpenSSL-RSA is needed: p5-Crypt-OpenSSL-RSA=0.24 this won't work: p5-Crypt-OpenSSL-RSA-0.23_1 su vscan -c spamassassin -t sample.eml [650] warn: Premature end of base64 data at /usr/local/lib/perl5/site_perl/5.8.8/Mail/DKIM/Algorithm/dk_rsa_sha1.pm line 86.

RE: Solved: Was: DKIM vs DomainKeys plugins

2007-07-24 Thread Michael Scheidell
-Original Message- From: Bill Landry [mailto:[EMAIL PROTECTED] Sent: Monday, July 23, 2007 6:16 PM To: Michael Scheidell Cc: users@spamassassin.apache.org Subject: Re: Solved: Was: DKIM vs DomainKeys plugins Michael Scheidell wrote: What version of Mail::DKIM are you running

FW: RE: Solved: Was: DKIM vs DomainKeys plugins

2007-07-24 Thread Michael Scheidell
: RE: Solved: Was: DKIM vs DomainKeys plugins X-Mailer: FirstClass 8.3 (build 8.283) X-FC-Icon-ID: 2031 X-FC-SERVER-TZ: 181272840 X-FC-MachineGenerated: true To: Michael Scheidell [EMAIL PROTECTED] From: [EMAIL PROTECTED], [EMAIL PROTECTED] MIME-Version: 1.0 Content-Type: multipart/alternative

RE: Why DUL hit?

2007-07-24 Thread Michael Scheidell
server and dns servers. While you are at it, your biggest problems are the RFC ones. Assign a valid postmaster, abuse and make sure your contact info for whois is right. That is a total higher score much larger than the dul list. -- Michael Scheidell, CTO SECNAP Network Security Corporation Keep

RE: DKIM vs DomainKeys plugins

2007-07-23 Thread Michael Scheidell
-Original Message- From: Matt Kettler [mailto:[EMAIL PROTECTED] Sent: Sunday, July 22, 2007 11:21 AM To: Michael Scheidell Cc: users@spamassassin.apache.org Subject: Re: DKIM vs DomainKeys plugins Looking at the messages, apparently verizon re-arranges the message headers

RE: not everyone is happy with SA

2007-07-23 Thread Michael Scheidell
-Original Message- From: Robot Terror [mailto:[EMAIL PROTECTED] Sent: Friday, July 20, 2007 4:28 PM To: Skip Brott; spamd Subject: Re: not everyone is happy with SA On 7/20/07 12:55 PM, Skip Brott [EMAIL PROTECTED] ostensibly wrote: If I send an email to a valid address,

RE: Solved: Was: DKIM vs DomainKeys plugins

2007-07-23 Thread Michael Scheidell
-Original Message- From: Bill Landry [mailto:[EMAIL PROTECTED] Sent: Monday, July 23, 2007 8:56 AM To: Michael Scheidell Cc: users@spamassassin.apache.org Subject: Re: Solved: Was: DKIM vs DomainKeys plugins Michael Scheidell wrote: Here is what I found out: You only

RE: DKIM vs DomainKeys plugins

2007-07-22 Thread Michael Scheidell
Ok, seems to work now, not sure why it wasn't. Thanks all. -- Michael Scheidell, CTO SECNAP Network Security Corporation Keep up to date with latest information on IT security: Real time security alerts: http://www.secnap.com/news

RE: Screwed up Perl install [OT]

2007-07-21 Thread Michael Scheidell
-Original Message- From: Marc Perkel [mailto:[EMAIL PROTECTED] Sent: Saturday, July 21, 2007 12:14 PM To: users@spamassassin.apache.org Subject: Screwed up Perl install [OT] If I have a machine with a screwed up perl configuration, some installed in /usr/lib/perl5 and some

RE: DKIM vs DomainKeys plugins

2007-07-21 Thread Michael Scheidell
-Original Message- From: Matt Kettler [mailto:[EMAIL PROTECTED] Sent: Friday, July 20, 2007 10:38 PM To: Michael Scheidell Cc: users@spamassassin.apache.org Subject: Re: DKIM vs DomainKeys plugins However, AFAIK, the DKIM versions of the rules should fire in the place

Re: DKIM vs DomainKeys plugins

2007-07-20 Thread Michael Scheidell
Matt Kettler wrote: Michael Scheidell wrote: SA 3.2.1 INSTALL seems to indicate that if I use Mail-DKIM .20 or better, I don't need Mail-DomainKeys. I loaded Mail-DomainKeys perl libraries and will be doing some testing to see if I can see what and why, and will post it later. ( have

RE: Conversion

2007-07-19 Thread Michael Scheidell
So much for your stupid whitelist: RCVD_IN_DNSWL_MED=-4, I am setting the score to 0 for this stupid rule. -- Michael Scheidell, CTO SECNAP Network Security Corporation Keep up to date with latest information on IT security: Real time security alerts: http://www.secnap.com/news

RE: not everyone is happy with SA

2007-07-19 Thread Michael Scheidell
No problem, just uninstall it troll and go away. -- Michael Scheidell, CTO SECNAP Network Security Corporation Keep up to date with latest information on IT security: Real time security alerts: http://www.secnap.com/news

PDFInfo.pm now noisy..

2007-07-19 Thread Michael Scheidell
Not sure if it's something I enabled between .2 and .4, but now I get this in headers of any email with pdf: (not sure I want it, is it needed?) =0A=/Producer (BCL easyPDF 4.30 \(0615\))=0A=/Creator (easyPDF SDK 4.3)=0A=8 0 obj=0A=0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0=0A=0 0 0 0 0 0 0 0 0 0 0 0 0 0

DKIM vs DomainKeys plugins

2007-07-19 Thread Michael Scheidell
SA 3.2.1 INSTALL seems to indicate that if I use Mail-DKIM .20 or better, I don't need Mail-DomainKeys. Because of this, I removed the Mail-DomainKeys dependency from the FreeBsd SA port (I am the official maintainer) I have seen a couple of issues that indicate that maybe, Mail-DKIM isn't

RE: not everyone is happy with SA

2007-07-19 Thread Michael Scheidell
-Original Message- From: John Rudd [mailto:[EMAIL PROTECTED] Sent: Thursday, July 19, 2007 6:06 PM To: Graham Murray Cc: users@spamassassin.apache.org Subject: Re: not everyone is happy with SA Graham Murray wrote: John Rudd [EMAIL PROTECTED] writes: However, it still

RE: not everyone is happy with SA

2007-07-19 Thread Michael Scheidell
-Original Message- From: David B Funk [mailto:[EMAIL PROTECTED] Sent: Thursday, July 19, 2007 8:17 PM To: spamassassin-users Subject: Re: not everyone is happy with SA On Thu, 19 Jul 2007, Dave Pooser wrote: their 'PC' interpretation of the error code. Thus Exchange

Whats wrong with dateformat?

2007-07-18 Thread Michael Scheidell
X-Spam-Status: No, score=-1.19 tagged_above=-999 required=5 tests=[AWL=0.164, BAYES_00=-2.599, DKIM_POLICY_SIGNSOME=0, DK_POLICY_SIGNSOME=0, INVALID_DATE=1.245] Date: 18 Jul 07 11:01:52 -0700 I THINK day is optional: From rfc: 3.6.1: The origination date field The
