Le 26/07/2009 04:00, McDonald, Dan a écrit :
From: Robert [mailto:list...@abbacomm.net]
There are no doubt lots of ways, but how about:
egrep 'whitelist_from[^_]' local.cf | awk '{FS=@; print $2
TXT;}' | xargs dig | grep v=spf1
what is this supposed to do?
select all of your
On 27/07/09 6:35 AM, twofers twof...@yahoo.com wrote:
Performing Cunnilringus -- An Art of Pleasure.www.onlyviagra net
I thought a sex rule would have fired as well as something for
pleasure.www.onlyviagra net
This is pretty basic and straight forward isn't it?
This is a tough row
Hi Mouss, thanks for your answer.
In my installation, I've got a firewall with antispam features.
The target I want to achieve is to bypass SA check when a message has been
already tagged as spam by the firewall.
I'll try posting the question on the postfix-users list.
Bye,
-Pietro.
2009/7/25
Hi,
I found that my SA 3.2.5 do NOT perform the checks agains DNSWL.
The debug contains:
[8845] dbg: plugin: loading Mail::SpamAssassin::Plugin::DNSEval from @INC
[8845] dbg: dns: is DNS available? 1
[8845] dbg: dns: checking RBL list.dnswl.org., set dnswl-firsttrusted
All other
On Mon, 27 Jul 2009 14:03:13 +0200
Christian Kuehn christian.ku...@mcs.de wrote:
[8845] dbg: dns: checking RBL list.dnswl.org., set dnswl-firsttrusted
All other RBL-checks are done fine, but no DNSWL.
Are you sure your trusted network is correct?
RW schrieb:
On Mon, 27 Jul 2009 14:03:13 +0200
Christian Kuehn christian.ku...@mcs.de wrote:
[8845] dbg: dns: checking RBL list.dnswl.org., set dnswl-firsttrusted
All other RBL-checks are done fine, but no DNSWL.
Are you sure your trusted network is correct?
Yes, correct settings!
On Sat, 25 Jul 2009 18:07:12 -0400
Michael W. Cocke cocke.mich...@gmail.com wrote:
There doesn't seem to be a web interface to subscribe/unscribe from
this list. The email address
users-unsubscr...@spamassassin.apache.org complains that my IP
address is dynamic (which is why I use
On Sat, 25 Jul 2009, Michael W. Cocke wrote:
There doesn't seem to be a web interface to subscribe/unscribe from
this list. The email address
users-unsubscr...@spamassassin.apache.org complains that my IP
address is dynamic (which is why I use dyndns.org, thank you very
much.) And on
Matus UHLAR - fantomas schrieb:
On 27.07.09 14:03, Christian Kuehn wrote:
I found that my SA 3.2.5 do NOT perform the checks agains DNSWL.
The debug contains:
[8845] dbg: plugin: loading Mail::SpamAssassin::Plugin::DNSEval from @INC
[8845] dbg: dns: is DNS available? 1
[8845] dbg:
On Mon, 27 Jul 2009, twofers wrote:
Can someone explain to me why one of the rule sets downloaded using
SA-Update could not fire on:
?Subject: cenogenetic
?
and the body having only and nothing else but:
?Performing Cunnilringus -- An Art of Pleasure.www.onlyviagra net
?
I thought a sex rule
rich...@buzzhost.co.uk wrote:
http://pastebin.com/m2cbc0965
This is scoring way low. Coming in from Hotmail (I would love to
blacklist these but some people just insist on using it).
10 in the last hour. Lart'd Hotmail abuse, but the content does not seem
to be catching ?
I get hits
http://pastebin.com/m2cbc0965
This is scoring way low. Coming in from Hotmail (I would
love to blacklist these but some people just insist on
using it).
10 in the last hour. Lart'd Hotmail abuse, but the
content does not seem to be catching ?
Content analysis details: (6.2 points,
On Mon, 2009-07-27 at 14:51 +0100, rich...@buzzhost.co.uk wrote:
http://pastebin.com/m2cbc0965
This is scoring way low. Coming in from Hotmail (I would love to
blacklist these but some people just insist on using it).
Scores a healthy 13 here. Mostly using custom rules.
X-Spam-Report:
Jari Fredriksson wrote:
Content analysis details: (6.2 points, 5.0 required)
pts rule name description
-- --
1.0 HTML_MESSAGE BODY: HTML included in message
0.0 BAYES_50 BODY:
On Mon, 2009-07-27 at 14:51 +0100, rich...@buzzhost.co.uk wrote:
I also used these local rules (some shamelessly copied off this
forum):
body MILLION_EURO
/\b(million|hundred.{0.40}\bthousand)\b.{0,40}\b(euro|pound)s?\b/i
describe MILLION_EURO Talks about millions of Euros
On Mon, 2009-07-27 at 17:31 +0300, Jari Fredriksson wrote:
Thanks there! Much better now, but I wonder what happened to my AWL. It
was not there in my last post..
Yes, which is exactly what AWL is. You just piped the message through SA
a second time. Previously, it was the first time you saw a
On Mon, July 27, 2009 14:03, Christian Kuehn wrote:
[8845] dbg: dns: checking RBL list.dnswl.org., set dnswl-firsttrusted
All other RBL-checks are done fine, but no DNSWL.
Any ideas?
is there trusted ip in the mail ?
spamassassin 21 -D -t msg | grep trusted | less
if yes is the ip that are
On Mon, July 27, 2009 15:14, Matus UHLAR - fantomas wrote:
did you try manually query dnswl servers? It's possible that they blocked
lookups from you for some reason...
try the web so
--
xpoint
Benny Pedersen schrieb:
On Mon, July 27, 2009 14:03, Christian Kuehn wrote:
[8845] dbg: dns: checking RBL list.dnswl.org., set dnswl-firsttrusted
All other RBL-checks are done fine, but no DNSWL.
Any ideas?
is there trusted ip in the mail ?
spamassassin 21 -D -t msg | grep trusted |
On Mon, July 27, 2009 15:21, Christian Kuehn wrote:
did you try manually query dnswl servers? It's possible that they blocked
lookups from you for some reason...
Nope, the requests via dig work fine and successful.
next step is spamassassin 21 -D -t msg | less
any trusted lines ?
--
Benny Pedersen schrieb:
On Mon, July 27, 2009 15:21, Christian Kuehn wrote:
did you try manually query dnswl servers? It's possible that they blocked
lookups from you for some reason...
Nope, the requests via dig work fine and successful.
next step is spamassassin 21 -D -t msg | less
On Mon, July 27, 2009 17:17, Christian Kuehn wrote:
[30132] dbg: conf: trusted_networks are not configured; it is
recommended that you configure trusted_networks manually
this might be the error, unsure if it is, but try add your wan ip's to
trusted_networks, and imho also to msa_networks
Benny Pedersen schrieb:
On Mon, July 27, 2009 17:17, Christian Kuehn wrote:
[30132] dbg: conf: trusted_networks are not configured; it is
recommended that you configure trusted_networks manually
this might be the error, unsure if it is, but try add your wan ip's to
trusted_networks,
Benny Pedersen schrieb:
On Mon, July 27, 2009 17:17, Christian Kuehn wrote:
[30132] dbg: conf: trusted_networks are not configured; it is
recommended that you configure trusted_networks manually
this might be the error, unsure if it is, but try add your wan ip's to
trusted_networks,
Hi,
* 3.0 RCVD_IN_UCEPROTECT2 RBL: Received via a relay in
* dnsbl-2.uceprotect.net
* [81.202.69.68 listed in dnsbl-2.uceprotect.net]
* 2.0 RCVD_IN_UCEPROTECT3 RBL: Received via a relay in
* dnsbl-3.uceprotect.net
*
On Mon, July 27, 2009 18:02, Christian Kuehn wrote:
[4177] dbg: dns: checking RBL list.dnswl.org., set dnswl-firsttrusted
[4177] dbg: dns: IPs found: full-external: 66.211.168.231, 10.243.56.55,
10.243.57.25 untrusted: 66.211.168.231 originating:
But no DNS-check furthermore
okay make a
On Mon, July 27, 2009 17:17, Christian Kuehn wrote:
[30132] dbg: conf: trusted_networks are not configured; it is
recommended that you configure trusted_networks manually
this might be the error, unsure if it is, but try add your
wan ip's to
trusted_networks, and
MySQL Student wrote:
Hi,
* 3.0 RCVD_IN_UCEPROTECT2 RBL: Received via a relay in
* dnsbl-2.uceprotect.net
* [81.202.69.68 listed in dnsbl-2.uceprotect.net]
* 2.0 RCVD_IN_UCEPROTECT3 RBL: Received via a relay in
* dnsbl-3.uceprotect.net
I found the only ruleset that catches this to be:
http://svn.apache.org/viewvc/spamassassin/trunk/rulesrc/sandbox/jhardin/20_uri_obfu_ws.cf?revision=795578
And then only the last two rules fired.
On Jul 27, 2009, at 6:35 AM, twofers wrote:
This is pretty basic and straight forward isn't it?
On Mon, 27 Jul 2009, Mike Wallace wrote:
I found the only ruleset that catches this to be:
http://svn.apache.org/viewvc/spamassassin/trunk/rulesrc/sandbox/jhardin/20_uri_obfu_ws.cf?revision=795578
And then only the last two rules fired.
That's old. Lose the ?revision... bit to see the
On Mon, 2009-07-27 at 17:31 +0300, Jari Fredriksson wrote:
On Mon, 2009-07-27 at 14:51 +0100, rich...@buzzhost.co.uk wrote:
I also used these local rules (some shamelessly copied off this
forum):
body__TRMB_YOUR_NAME
John, the current version doesn't trap that type of URI and that's why I am
using the older version and mentioned it.
I have collected 13 examples of obfuscated URIs that I can send you.
Mike
- Original Message -
From: John Hardin jhar...@impsec.org
To: Mike Wallace
On Mon, 27 Jul 2009, Mike Wallace wrote:
John, the current version doesn't trap that type of URI and that's why I
am using the older version and mentioned it.
That's odd, because I added that sample line to my testbed and it did hit:
[31850] dbg: rules: ran body rule URI_OBFU_WWW == got
On Mon, 27 Jul 2009, Daniel J McDonald wrote:
On Mon, 2009-07-27 at 17:31 +0300, Jari Fredriksson wrote:
On Mon, 2009-07-27 at 14:51 +0100, rich...@buzzhost.co.uk wrote:
I also used these local rules (some shamelessly copied off this
forum):
body__TRMB_YOUR_NAME
Hi,
I'm looking an email that appears to be one of the users from the
whitelist, but instead was from:
From probesqt...@segunitb1.freeserve.co.uk Mon Jul 27 19:49:19 2009
Why can't a comparison be made between the From: info and the actual
sender? Is this because of virtual domains and/or
On Mon, 2009-07-27 at 14:51 +0100, rich...@buzzhost.co.uk wrote:
http://pastebin.com/m2cbc0965
This is scoring way low. Coming in from Hotmail (I would love to
blacklist these but some people just insist on using it).
10 in the last hour. Lart'd Hotmail abuse, but the content does not seem
On Mon, 27 Jul 2009, Matus UHLAR - fantomas wrote:
On Sat, 25 Jul 2009, Michael W. Cocke wrote:
There doesn't seem to be a web interface to subscribe/unscribe from
this list. The email address
users-unsubscr...@spamassassin.apache.org complains that my IP
address is dynamic (which is why I
MySQL Student wrote:
Hi,
I'm looking an email that appears to be one of the users from the
whitelist, but instead was from:
From probesqt...@segunitb1.freeserve.co.uk Mon Jul 27 19:49:19 2009
Why can't a comparison be made between the From: info and the actual
sender? Is this because
38 matches
Mail list logo
