Re: blacklist_from exceptions

2012-02-09 Thread Rejaine Monteiro
user_prefs won't work for me, because my server only filters messages and then redirects them to an internal server (so I don't have mailboxes here). One solution that I posted seemed to work fine. It may not be the better solution, but this is OK for what we need. Em 09-02-2012 19:12, Benny Pedersen e

Re: blacklist_from exceptions

2012-02-09 Thread Benny Pedersen
On 2012-02-09 17:59, Bowie Bailey wrote: It may work, but it solves the wrong problem. The problem is to blacklist the entire domain, but allow it through for one RECIPIENT. in that case it needs to be solved with a plugin or outside of spamassassin, if user_prefs is with more than one user

Re: blacklist_from exceptions

2012-02-09 Thread Bowie Bailey
On 2/8/2012 6:53 PM, Benny Pedersen wrote: > Den 2012-02-08 21:07, Rejaine Monteiro skrev: >> blacklist_from *@somedomain.com >> whitelist_to myu...@mydomain.com > when you use blacklist_from you must use unblacklist_from not > whitelist_to > > perldoc Mail::SpamAssassin::Conf > > everyone can wri

Re: blacklist_from exceptions

2012-02-08 Thread Benny Pedersen
header __FROM_BADDOMAIN From =~ /some\.com/i
header __FROM_BADDOMAIN_GOOD_TO To =~ /myser\@mydomain\.com/i
meta FROM_BADDOMAIN_UNBLACKLIST_TO (__FROM_BADDOMAIN && __FROM_BADDOMAIN_GOOD_TO)
score FROM_BADDOMAIN_UNBLACKLIST_TO -100
not solved it blocks usernames some.com add :addr after From a

Re: blacklist_from exceptions

2012-02-08 Thread Benny Pedersen
On 2012-02-08 21:07, Rejaine Monteiro wrote: blacklist_from *@somedomain.com whitelist_to myu...@mydomain.com when you use blacklist_from you must use unblacklist_from not whitelist_to perldoc Mail::SpamAssassin::Conf everyone can write email to a to addr and thus the whitelist is not wor

Re: blacklist_from exceptions

2012-02-08 Thread Bowie Bailey
On 2/8/2012 3:56 PM, Rejaine Monteiro wrote: > solved.. (maybe, I will do more tests ...) > > I made this way: > > blacklist_from @domain.com > > and then, i create a meta test , like this: > > header __FROM_BADDOMAIN From =~ /some\.com/i > header __FROM_BADDOMAIN_GOOD_TO To =~ /myser\@mydom

Re: blacklist_from exceptions

2012-02-08 Thread Rejaine Monteiro
got better keeping the original version, only using the meta test... (without blacklist_from)
header __FROM_DOMAIN From =~ /some\.com/i
header __FROM_DOMAIN_TO To =~ /myuser\@mydomain\.com/i
meta FROM_DOMAIN_IN_BLACKLIST (__FROM_DOMAIN && ! __FROM_DOMAIN_TO)
score FROM_DOMAIN_IN_BLACKLIST 100

Re: blacklist_from exceptions

2012-02-08 Thread Martin Gregorie
On Wed, 2012-02-08 at 18:07 -0200, Rejaine Monteiro wrote: > > It's not exactly what I need ... I'll try to be clearer (sorry by poor > english) > > I need something like this: blacklist a entire @somedomain but accept > when the *recipient * (not the sender) is certain user of *my* domain > I

Re: blacklist_from exceptions

2012-02-08 Thread Rejaine Monteiro
solved.. (maybe, I will do more tests ...) I made this way:
blacklist_from @domain.com
and then, i create a meta test , like this:
header __FROM_BADDOMAIN From =~ /some\.com/i
header __FROM_BADDOMAIN_GOOD_TO To =~ /myser\@mydomain\.com/i
meta FROM_BADDOMAIN_UNBLACKLIST_TO (__FROM_BADDOMA

Re: blacklist_from exceptions

2012-02-08 Thread Bowie Bailey
On 2/8/2012 3:07 PM, Rejaine Monteiro wrote: > > It's not exactly what I need ... I'll try to be clearer (sorry by poor > english) > > I need something like this: blacklist a entire @somedomain but accept > when the *recipient * (not the sender) is certain user of *my* domain > > Or ... blacklis

Re: blacklist_from exceptions

2012-02-08 Thread Rejaine Monteiro
It's not exactly what I need ... I'll try to be clearer (sorry by poor english) I need something like this: blacklist a entire @somedomain but accept when the *recipient * (not the sender) is certain user of *my* domain Or ... blacklist_from *@somedomain.com except when destination is myuse

Re: blacklist_from exceptions

2012-02-02 Thread Benny Pedersen
On Thu, 02 Feb 2012 16:51:51 -0200, Rejaine Monteiro wrote: Example: blacklist_from @orig.com except when rcpt_to is myb...@mydomain.com
freemail_domain example.org
freemail_whitelist non-spam-u...@example.org
untested, but it's what i think is the nearest to what you asked

Re: blacklist_from exceptions

2012-02-02 Thread Robert Schetterer
On 02.02.2012 19:51, Rejaine Monteiro wrote: > Hi list, > > Is there any way to block an entire domain, except for a particular > recipient? > Example: blacklist_from @orig.com except when rcpt_to is > myb...@mydomain.com without read the faqs again blacklist the domain, and whitelist one rec

blacklist_from exceptions

2012-02-02 Thread Rejaine Monteiro
Hi list, Is there any way to block an entire domain, except for a particular recipient? Example: blacklist_from @orig.com except when rcpt_to is myb...@mydomain.com

Re: BOTNET Exceptions for Today

2007-08-24 Thread John Rudd
Robert Fitzpatrick wrote: On Wed, 2007-08-22 at 08:58 +0100, Martin.Hepworth wrote: Botnet 0.8 is a lot better than 0.7 - please upgrade if you don't already. How do you tell what version you have? I cannot find it anywhere in the files, so I downloaded 0.8 and diff'd the pm against what I ha

RE: BOTNET Exceptions for Today

2007-08-24 Thread Robert Fitzpatrick
On Wed, 2007-08-22 at 08:58 +0100, Martin.Hepworth wrote: > Botnet 0.8 is a lot better than 0.7 - please upgrade if you don't already. > How do you tell what version you have? I cannot find it anywhere in the files, so I downloaded 0.8 and diff'd the pm against what I have and no differences. I g

RE: BOTNET Exceptions for Today

2007-08-22 Thread Martin.Hepworth
> -Original Message- > From: news [mailto:[EMAIL PROTECTED] On Behalf Of René Berber > Sent: 22 August 2007 07:42 > To: users@spamassassin.apache.org > Subject: Re: BOTNET Exceptions for Today > > John Rudd wrote: > > > René Berber wrote: > >>

Re: BOTNET Exceptions for Today

2007-08-21 Thread René Berber
John Rudd wrote: > René Berber wrote: >> Here's a good example of why Botnet's default score is too high, those >> guys at >> meridiencancun have a so called "Enterprise account" with their ISP, >> what they >> get is a fixed IP and no control over reverse DNS, that's why the reverse >> returns wh

Re: BOTNET Exceptions for Today

2007-08-21 Thread John Rudd
René Berber wrote: Bret Miller wrote: I keep saying that I have false positives with botnet, but haven't substantiated that to date. So, today I'm spending a little time making exceptions since I would like this to work. Here are todays: [snip] meridiencancun.com.mx, sent from IP

Re: BOTNET Exceptions for Today

2007-08-21 Thread Michael Alan Dorman
On Tue, 21 Aug 2007 16:56:27 -0500 Andy Sutton <[EMAIL PROTECTED]> wrote: > On Tue, 2007-08-21 at 13:42 -0700, John Rudd wrote: > > b) Botnet gets 0% false positives at one of my services (not just > > "borked DNS == bad", as you're suggesting, but actual "everything > > that triggered botnet was

Re: BOTNET Exceptions for Today

2007-08-21 Thread René Berber
Bret Miller wrote: > I keep saying that I have false positives with botnet, but haven't > substantiated that to date. So, today I'm spending a little time making > exceptions since I would like this to work. Here are todays: [snip] > meridiencancun.com.mx, sent from IP ,

Re: BOTNET Exceptions for Today

2007-08-21 Thread SM
At 14:08 21-08-2007, John Rudd wrote: Technically, there is a problem with it: it violates best practices asserted by RFC 1912, section 2.1, which warns that not having matching PTR and A records can cause a loss/denial of internet services. You're right. Regards, -sm

Re: BOTNET Exceptions for Today

2007-08-21 Thread Andy Sutton
On Tue, 2007-08-21 at 13:42 -0700, John Rudd wrote: > b) Botnet gets 0% false positives at one of my services (not just > "borked DNS == bad", as you're suggesting, but actual "everything that > triggered botnet was actually spam"). And, yes, I actually check I never suggested that. My thoughts

Re: BOTNET Exceptions for Today

2007-08-21 Thread Steven Kurylo
I don't know, but botnet hits a significant amount of legitimate email here, regardless of how badly configured the sending servers are. I set botnet to score two, and I flag as spam at four. Every time I've had a false positive botnet hit, other rules have been enough to keep the score bel

Re: BOTNET Exceptions for Today

2007-08-21 Thread Kai Schaetzl
Bret Miller wrote on Tue, 21 Aug 2007 13:08:06 -0700: > When I see on the list that many people run botnet with ZERO false > positives, I have to ask myself, "how? And why is our setup here so > different?" Perhaps they already block email with invalid rdns at the MTA > level, so none of this ever

Re: BOTNET Exceptions for Today

2007-08-21 Thread John Rudd
SM wrote: The server.nch.com.au case is an interesting one. Technically, there isn't anything wrong with that setup. But I digress as we are talking about antispam here. Technically, there is a problem with it: it violates best practices asserted by RFC 1912, section 2.1, which warns that

RE: BOTNET Exceptions for Today

2007-08-21 Thread SM
At 13:08 21-08-2007, Bret Miller wrote: When I see on the list that many people run botnet with ZERO false positives, I have to ask myself, "how? And why is our setup here so different?" Perhaps they already block email with invalid rdns at the MTA Your setup is different as your users communic

Re: BOTNET Exceptions for Today

2007-08-21 Thread John Rudd
Andy Sutton wrote: On Tue, 2007-08-21 at 13:08 -0700, Bret Miller wrote: When I see on the list that many people run botnet with ZERO false positives, I have to ask myself, "how? Anyone who claims that isn't really looking at the email they are blocking, or don't believe borked DNS qualify as

Re: BOTNET Exceptions for Today

2007-08-21 Thread Kai Schaetzl
Bret Miller wrote on Tue, 21 Aug 2007 12:15:27 -0700: > Enews.webbuyersguide.com (part of Ziff-Davis Media), sent from IP > 204.92.135.90, resolves to smtp22.enews.webbuyersguide.com #not sure why > this got a BOTNET=1 flag, but it did. Also find hosts 92, 75, 70, 74, 93, > 86, and others. All sim

RE: BOTNET Exceptions for Today

2007-08-21 Thread Andy Sutton
On Tue, 2007-08-21 at 13:08 -0700, Bret Miller wrote: > When I see on the list that many people run botnet with ZERO false > positives, I have to ask myself, "how? Anyone who claims that isn't really looking at the email they are blocking, or don't believe borked DNS qualify as a FP. > "we can't

RE: BOTNET Exceptions for Today

2007-08-21 Thread Bret Miller
> At 12:36 21-08-2007, John Rudd wrote: > ># nslookup www2mail.wordreference.com > > > >Non-authoritative answer: > >Name: www2mail.wordreference.com > >Address: 75.126.29.11 > > > >baddns. > > There's an authoritative answer for www2mail.wordreference.com. > > ># nslookup server.nch.com.au > >

Re: BOTNET Exceptions for Today

2007-08-21 Thread SM
At 12:36 21-08-2007, John Rudd wrote: # nslookup www2mail.wordreference.com Non-authoritative answer: Name: www2mail.wordreference.com Address: 75.126.29.11 baddns. There's an authoritative answer for www2mail.wordreference.com. # nslookup server.nch.com.au Non-authoritative answer: Name

RE: BOTNET Exceptions for Today

2007-08-21 Thread Bret Miller
> Name: server.nch.com.au > Address: 69.94.122.247 > > So, server.nch.com.au's name does not resolve back to the sending IP > address, thus baddns. OK... I guess I didn't check closely enough. But the point is still that users expect these emails and complain if they don

Re: BOTNET Exceptions for Today

2007-08-21 Thread John Rudd
Bret Miller wrote: Enews.webbuyersguide.com (part of Ziff-Davis Media), sent from IP 204.92.135.90, resolves to smtp22.enews.webbuyersguide.com #not sure why this got a BOTNET=1 flag, but it did. Also find hosts 92, 75, 70, 74, 93, 86, and others. All similarly resolve to smtpnn.enews.webbuyersg

BOTNET Exceptions for Today

2007-08-21 Thread Bret Miller
I keep saying that I have false positives with botnet, but haven't substantiated that to date. So, today I'm spending a little time making exceptions since I would like this to work. Here are todays: Americanpayroll.org, sent from IP 67.106.104.135, resolves to 67.106.106.135.ptr.us.

Re: exceptions

2006-03-24 Thread List Mail User
>Larry wrote: >> >> Can I blacklist a domain but make an exception for one person in that >> domain? >> >> Like; >> >> blacklist_from [EMAIL PROTECTED] >> >> with the exception of [EMAIL PROTECTED] > >blacklist_from [EMAIL PROTECTED] won't blacklist [EMAIL PROTECTED] or >[EMAIL PROTECTED] > >

Re: exceptions

2006-03-23 Thread Matt Kettler
Daryl C. W. O'Shea wrote: > Larry wrote: >> >> Can I blacklist a domain but make an exception for one person in that >> domain? >> >> Like; >> blacklist_from [EMAIL PROTECTED] >> >> with the exception of [EMAIL PROTECTED] > > blacklist_from [EMAIL PROTECTED] won't blacklist [EMAIL PROTECTED] or >

Re: exceptions

2006-03-23 Thread Daryl C. W. O'Shea
Larry wrote: Can I blacklist a domain but make an exception for one person in that domain? Like; blacklist_from [EMAIL PROTECTED] with the exception of [EMAIL PROTECTED] blacklist_from [EMAIL PROTECTED] won't blacklist [EMAIL PROTECTED] or [EMAIL PROTECTED] Now blacklist_from [EMAIL P

Re: exceptions

2006-03-23 Thread Evan Platt
On Thu, March 23, 2006 3:55 pm, Larry wrote: > > > Can I blacklist a domain but make an exception for one person in that > domain? > > Like; > > blacklist_from [EMAIL PROTECTED] > > with the exception of [EMAIL PROTECTED] Add a procmail rule for from [EMAIL PROTECTED] to skip Spamassassin filterin

exceptions

2006-03-23 Thread Larry
Can I blacklist a domain but make an exception for one person in that domain? Like; blacklist_from [EMAIL PROTECTED] with the exception of [EMAIL PROTECTED] Thanks BTW; SpamAssassin version 3.1.0 running on Perl version 5.8.5 on linux Thanks again -- LINUX is simple. It just ta

Re: Exceptions to all_spam_to?

2005-06-17 Thread David B Funk
On Fri, 17 Jun 2005, Tom Lanyon wrote: > Unfortunately, since we're using sendmail (ergh!) and cyrus (cyrdeliver > for the MTA), we can't fit procmail in there anywhere. > I'm currently researching cyrdeliver to see if there's any way to call > spamassassin (or spamc) from that. > > If anyone know

Re: Exceptions to all_spam_to?

2005-06-16 Thread Tom Lanyon
. > > > > I want to enable spamassassin on our production mail server, however I > > only want to filter for spam on selected email accounts. > > > > I was thinking of doing an all_spam_to *, and then creating exceptions > > to this rule. However, I can't seem t

Re: Exceptions to all_spam_to?

2005-06-16 Thread Bob McClure Jr
> only want to filter for spam on selected email accounts. > > I was thinking of doing an all_spam_to *, and then creating exceptions > to this rule. However, I can't seem to find an unall_spam_to or > unwhitelist_to command in the docs to achieve this. > > Does any

Exceptions to all_spam_to?

2005-06-16 Thread Tom Lanyon
*, and then creating exceptions to this rule. However, I can't seem to find an unall_spam_to or unwhitelist_to command in the docs to achieve this. Does anyone have any suggestions? Thanks, Tom -- Tom Lanyon Systems Administrator NetSpot Pty Ltd 183 Melbourne Street, North Adelaide, 50