On 07/10/2009 09:01 PM, Paweł Tęcza wrote:
Please see my initial post on Pastebin:
http://pastebin.com/f6a83e9fb
If it's true that all those domains resolve to just a handful of IP
addresses, then why aren't they listed in - oh wait - SURBLs don't cover
IPs just the DNS names - argh!
Is
On Fri, July 10, 2009 11:01, Pawe? T?cza wrote:
http://pastebin.com/f6a83e9fb
one rule:
meta URI_NOT_WHITELISTED (__HAS_ANY_URI !__LOCAL_WHITE)
make a __LOCAL_WHITE list in sa eithter with rbldnsd or direct as rule in sa
will stop such lammers forever :)
--
xpoint
On Fri, 2009-07-10 at 11:01 +0200, Paweł Tęcza wrote:
Hi,
Because of Apache.org spam filters I can't send here my message about
spammers again:
Jul 9 22:32:07 hermes2 courieresmtp:
id=00174B77.4A5653AA.7F82,from=pte...@uw.edu.pl,addr=users@spamassassin.apache.org:
On Fri, 2009-07-10 at 21:26 +1200, Jason Haar wrote:
On 07/10/2009 09:01 PM, Paweł Tęcza wrote:
Please see my initial post on Pastebin:
http://pastebin.com/f6a83e9fb
If it's true that all those domains resolve to just a handful of IP
addresses, then why aren't they listed in - oh
rich...@buzzhost.co.uk wrote:
On Fri, 2009-07-10 at 21:26 +1200, Jason Haar wrote:
On 07/10/2009 09:01 PM, Paweł Tęcza wrote:
Please see my initial post on Pastebin:
http://pastebin.com/f6a83e9fb
If it's true that all those domains resolve to just a handful of IP
addresses, then why
On Fri, 2009-07-10 at 10:58 +0100, Steve Freegard wrote:
rich...@buzzhost.co.uk wrote:
On Fri, 2009-07-10 at 21:26 +1200, Jason Haar wrote:
On 07/10/2009 09:01 PM, Paweł Tęcza wrote:
Please see my initial post on Pastebin:
http://pastebin.com/f6a83e9fb
If it's true that all those
rich...@buzzhost.co.uk wrote:
On Fri, 2009-07-10 at 21:26 +1200, Jason Haar wrote:
On 07/10/2009 09:01 PM, Paweł Tęcza wrote:
Please see my initial post on Pastebin:
http://pastebin.com/f6a83e9fb
If it's true that all those domains resolve to just a handful of IP
On Fri, July 10, 2009 11:58, Steve Freegard wrote:
See 'uridnsbl' in Mail::SpamAssassin::Plugin::URIDNSBL
its more or less a URIDNSWL plugin needed, with can reverse all black into
white eg if not found on uribl_black gives -negative
scores, and if its still have some uri at all give positive
On 7/10/2009 12:20 PM, Benny Pedersen wrote:
On Fri, July 10, 2009 11:58, Steve Freegard wrote:
See 'uridnsbl' in Mail::SpamAssassin::Plugin::URIDNSBL
its more or less a URIDNSWL plugin needed, with can reverse all black into
white eg if not found on uribl_black gives -negative
scores, and
On Fri, July 10, 2009 12:29, Yet Another Ninja wrote:
5 minutes later.. idea buried?
a frind one time said to me anyone can hate, it cost to love thats why i
belive whitelist it a better route then blacklist is
--
xpoint
Matt Kettler wrote:
rich...@buzzhost.co.uk wrote:
On Fri, 2009-07-10 at 21:26 +1200, Jason Haar wrote:
On 07/10/2009 09:01 PM, Paweł Tęcza wrote:
Please see my initial post on Pastebin:
http://pastebin.com/f6a83e9fb
If it's true that all those domains resolve to just a
Steve Freegard wrote:
Matt Kettler wrote:
rich...@buzzhost.co.uk wrote:
On Fri, 2009-07-10 at 21:26 +1200, Jason Haar wrote:
On 07/10/2009 09:01 PM, Paweł Tęcza wrote:
Please see my initial post on Pastebin:
http://pastebin.com/f6a83e9fb
On Fri, 2009-07-10 at 06:15 -0400, Matt Kettler wrote:
rich...@buzzhost.co.uk wrote:
On Fri, 2009-07-10 at 21:26 +1200, Jason Haar wrote:
On 07/10/2009 09:01 PM, Paweł Tęcza wrote:
Please see my initial post on Pastebin:
http://pastebin.com/f6a83e9fb
If it's
On Fri, July 10, 2009 12:29, Yet Another Ninja wrote:
5 minutes later.. idea buried?
there is more then one way of make a white ?
meta URI_WHITE (!__URIBL_BLACK || !__URIBL_GREY)
no ?
meta URI_NOT_WHITELISTED (__HAS_ANY_URI URI_WHITE)
how many non spam domains exists really to be a big
Hi,
Because of Apache.org spam filters I can't send here my message about
spammers again:
. . .
http://pastebin.com/f6a83e9fb
I'm new to this list, and may be missing something obvious, but this looks
like a great candidate for a firewall DROP rule.
Is there any reason you don't just drop
Quoting Terry Carmen te...@cnysupport.com:
Hi,
Because of Apache.org spam filters I can't send here my message about
spammers again:
. . .
http://pastebin.com/f6a83e9fb
I'm new to this list, and may be missing something obvious, but this looks
like a great candidate for a firewall DROP
Terry Carmen pisze:
Hi,
Because of Apache.org spam filters I can't send here my message about
spammers again:
. . .
http://pastebin.com/f6a83e9fb
I'm new to this list, and may be missing something obvious, but this looks
like a great candidate for a firewall DROP rule.
Hi Terry,
You
Matt Kettler wrote:
It's no plugin I know of, but it's a feature we intentionally left out
of SA for security reasons. So given that it's a really bad idea I'd
guess barracuda did implement it themselves.
Are you forgetting URIBL_SBL?? That requires the A or NS records of
the URI to
On Fri, 10 Jul 2009, Terry Carmen wrote:
Because of Apache.org spam filters I can't send here my message about
spammers again:
. . .
http://pastebin.com/f6a83e9fb
I'm new to this list, and may be missing something obvious, but this
looks like a great candidate for a firewall DROP rule.
On Fri, 10 Jul 2009, Terry Carmen wrote:
Because of Apache.org spam filters I can't send here my message about
spammers again:
. . .
http://pastebin.com/f6a83e9fb
I'm new to this list, and may be missing something obvious, but this
looks like a great candidate for a firewall DROP rule.
On Fri, 10 Jul 2009, Terry Carmen wrote:
All the supplied domain names have a DNS server in China. It might be
worth it to create a rule to based on the link's DNS server's location
(Geo IP Lookup).
*that* might actually be a good test, and one that is safer than resolving
the offending
On Fri, 2009-07-10 at 12:40 +0200, Benny Pedersen wrote:
there is more then one way of make a white ?
Not being blacklisted does not justify any shade of white. The absence
of a listing is nothing more than no information. You can't deduct any
inverted information.
meta URI_WHITE
On Fri, 2009-07-10 at 09:11 -0700, John Hardin wrote:
On Fri, 10 Jul 2009, Terry Carmen wrote:
All the supplied domain names have a DNS server in China. It might be
worth it to create a rule to based on the link's DNS server's location
(Geo IP Lookup).
*that* might actually be a good
On 7/10/2009 6:30 PM, rich...@buzzhost.co.uk wrote:
On Fri, 2009-07-10 at 09:11 -0700, John Hardin wrote:
On Fri, 10 Jul 2009, Terry Carmen wrote:
All the supplied domain names have a DNS server in China. It might be
worth it to create a rule to based on the link's DNS server's location
(Geo
On Fri, 2009-07-10 at 18:44 +0200, Yet Another Ninja wrote:
On 7/10/2009 6:30 PM, rich...@buzzhost.co.uk wrote:
On Fri, 2009-07-10 at 09:11 -0700, John Hardin wrote:
On Fri, 10 Jul 2009, Terry Carmen wrote:
All the supplied domain names have a DNS server in China. It might be
worth it
On Fri, 10 Jul 2009, Yet Another Ninja wrote:
On 7/10/2009 6:30 PM, rich...@buzzhost.co.uk wrote:
On Fri, 2009-07-10 at 09:11 -0700, John Hardin wrote:
On Fri, 10 Jul 2009, Terry Carmen wrote:
All the supplied domain names have a DNS server in China. It might be
worth it to create
On Fri, July 10, 2009 18:17, Karsten Bräckelmann wrote:
Anyway, as I've told you before with some hastily scribbled logic, you
seriously should read up on De Morgan's law. The above meta equals
! ( __URIBL_BLACK __URIBL_GREY )
are you sure this logic holds in sa ?
|| is imho or not and
Benny Pedersen wrote:
On Fri, July 10, 2009 18:17, Karsten Bräckelmann wrote:
Anyway, as I've told you before with some hastily scribbled logic, you
seriously should read up on De Morgan's law. The above meta equals
! ( __URIBL_BLACK __URIBL_GREY )
are you sure this logic holds in
On Fri, 2009-07-10 at 22:42 +0200, Benny Pedersen wrote:
On Fri, July 10, 2009 18:17, Karsten Bräckelmann wrote:
Anyway, as I've told you before with some hastily scribbled logic, you
seriously should read up on De Morgan's law. The above meta equals
29 matches
Mail list logo