John Hardin wrote:
On Sat, 13 Feb 2010, smfabac wrote:
Is there a message size limit for sa-learn?
Yes, there is, and sadly sa-learn does not explicitly tell you a message
has been skipped because it's too large.
If there's a non-text attachment try deleteing it and re-learning
dar...@chaosreigns.com wrote:
I have to say keep in mind that MTAMark does not tie the spam to a
domain, and MTX does, which makes it easier to track down the spammer,
and blacklist by domain instead of IP.
I'm not quite sure what that means: how does MTX tie spam to a domain?
Regardless,
Noel Butler wrote on Mon, 15 Feb 2010 07:33:38 +1000:
Replacing the old /var/lib setting (which has worked for best part of a
decade) with /var/lib/spamassassin resolved this (and it seems other)
issues.
Well, compare default settings on
dar...@chaosreigns.com wrote:
On 02/14, dar...@chaosreigns.com wrote:
Now should I use _mtx, or MTAMark style _smtp._srv?
DNS records containing underscores are apparently a pain. In my Bind
config I had to add check-names ignore;. My secondary DNS provider
is responding with REFUSED (I
On Mon, Feb 15, 2010 at 07:46, mbeis mb...@xs4all.nl wrote:
John Hardin wrote:
On Sun, 14 Feb 2010, mbeis wrote:
Feb 14 22:12:46.522 [11706] dbg: dns: query failed:
0.3.3.updates.spamassassin.org = NOERROR
Feb 14 22:12:46.525 [11706] dbg: dns: query failed:
On 02/13, Matus UHLAR - fantomas wrote:
So the only effect of MTX should be confirmation that a machine may send
mail?
On 13.02.10 14:40, dar...@chaosreigns.com wrote:
Yes.
In such case you should not compare MTX with SPF and or DKIM, instead
you should clearly state that MTX is designed
dar...@chaosreigns.com wrote on Sun, 14 Feb 2010 20:06:56 -0500:
Please let me know if there is some evidence I'm missing that it's
reasonable to use an underscore in this context.
Underscores are explicitly forbidden in internet hostnames.
Kai
--
Get your web at Conactive Internet
Smfabac wrote on Mon, 15 Feb 2010 00:20:06 -0800 (PST):
So, does the documentation on sa-learn indicate that there is
a size limit on the message to be processed?
Why not check yourself?
Kai
--
Get your web at Conactive Internet Services: http://www.conactive.com
On Sun, 2010-02-14 at 23:46 -0800, mbeis wrote:
John Hardin wrote:
On Sun, 14 Feb 2010, mbeis wrote:
Feb 14 22:12:46.522 [11706] dbg: dns: query failed:
0.3.3.updates.spamassassin.org = NOERROR
Feb 14 22:12:46.525 [11706] dbg: dns: query failed:
mirrors.updates.spamassassin.org
On 2010-02-15 02:06, dar...@chaosreigns.com wrote:
Thank you for contacting us. An underscore is only legal for specific
types of DNS records, such as 'SRV'. 'A' records should only contain
letters, numbers and dashes. You may want to consider using '-' as
a substitute. I hope this helps.
On Sat, Feb 13, 2010 at 11:01, Per Jessen p...@computer.org wrote:
Justin Mason wrote:
On Thu, Feb 11, 2010 at 03:00, dar...@chaosreigns.com wrote:
http://www.chaosreigns.com/mtx/
It might be useful to compare with MTA MARK and see what the status of
that proposal currently is:
Per Jessen wrote:
Jonas Eckerman wrote:
(And of course, if this catches on, you'll have to provide RFC style
documentation.)
See Justins posting from two days back:
http://tools.ietf.org/draft/draft-stumpf-dns-mtamark/
On Mon, 2010-02-15 at 10:38 +, Martin Gregorie wrote:
On Sun, 2010-02-14 at 23:46 -0800, mbeis wrote:
John Hardin wrote:
What does dig +short -t TXT 0.3.3.updates.spamassassin.org return?
I have this computer running like this for 6 years now, and I've never had a
problem like
On Sun, 2010-02-14 at 18:18 -0800, the Nabble user shawn...@hotmail.com
once again replied off-list:
config files included show how the mail is flowing.
Karsten Bräckelmann wrote:
Nabble allows off-list replies, and apparently even makes it easy to
use? WTF, shouldn't the default be list
On 02/14, dar...@chaosreigns.com wrote:
Now should I use _mtx, or MTAMark style _smtp._srv?
dar...@chaosreigns.com wrote:
DNS records containing underscores are apparently a pain. In my Bind
config I had to add check-names ignore;. My secondary DNS provider
is responding with REFUSED
On Mon, 2010-02-15 at 13:34 +0100, Karsten Bräckelmann wrote:
dig +short -t TXT 0.3.3.updates.spamassassin.org
That gets 903765 from here.
Martin
On 02/14, Jonas Eckerman wrote:
1: The participation record is optional, so you only use it if you want
everything else to be rejected.
On 14.02.10 14:48, dar...@chaosreigns.com wrote:
Yeah. I'm thinking of using the 4th octet to indicate participation, and
the third octet to indicate
On 2010-02-14 19:20, dar...@chaosreigns.com wrote:
On 02/14, Jonas Eckerman wrote:
The SPF record above says that a host using panic.chaosreigns.com
in HELO should not be allowed to send mail unless it has the IP
address 64.71.152.40, regardless of the domain in the envelope
from, From:
Matus UHLAR - fantomas wrote:
On 02/14, dar...@chaosreigns.com wrote:
Now should I use _mtx, or MTAMark style _smtp._srv?
dar...@chaosreigns.com wrote:
DNS records containing underscores are apparently a pain. In my
Bind
config I had to add check-names ignore;. My secondary DNS
On Sun, 2010-02-14 at 18:27 -0500, Michael Scheidell wrote:
On 2/14/10 9:50 AM, Karsten Bräckelmann wrote:
Bad RAM?
well, it didn't start till SA 3.30, and deleting those two rules stopped
the seg fault and crash..
Well, I've seen bad RAM do strange things like that before. In the
middle
On 2010-02-14 19:20, dar...@chaosreigns.com wrote:
On 02/14, Jonas Eckerman wrote:
* I think there should be a way to tell the world wether you are using
the scheme for a domain (not host) or not. This could easily be done in
DNS.
I need to think about this more, thanks for the
On Mon, 2010-02-15 at 05:45 -0800, mbeis wrote:
When I enter dig 0.3.3.updates.spamassassin.org, I get:
Once again, there is no IP for these, and it isn't supposed to have one.
You are missing the TXT type in your query. By default, dig performs a a
lookup for an A record.
--
char
On Sun, 14 Feb 2010, Jonas Eckerman wrote:
1: The participation record is optional, so you only use it if you want
everything else to be rejected.
This is why I would support mtamark... It permits the sysadmin to
determine the default behaviour for his IP range, rather than defining a
Karsten Bräckelmann-2 wrote:
On Mon, 2010-02-15 at 05:45 -0800, mbeis wrote:
When I enter dig 0.3.3.updates.spamassassin.org, I get:
Once again, there is no IP for these, and it isn't supposed to have one.
You are missing the TXT type in your query. By default, dig performs a a
On Mon, 2010-02-15 at 06:30 -0800, mbeis wrote:
Karsten Bräckelmann wrote:
Once again, there is no IP for these, and it isn't supposed to have one.
You are missing the TXT type in your query. By default, dig performs a a
lookup for an A record.
dig -t TXT
On Sun, 14 Feb 2010, Jonas Eckerman wrote:
1: The participation record is optional, so you only use it if you want
everything else to be rejected.
On 15.02.10 09:04, Charles Gregory wrote:
This is why I would support mtamark... It permits the sysadmin to
determine the default behaviour
Karsten Bräckelmann-2 wrote:
;; QUESTION SECTION:
;mirrors.updates.spamassassin.org. INTXT
;; Query time: 1 msec
;; SERVER: 10.0.0.138#53(10.0.0.138)
Maybe want to go see that server? ;)
This is the IP adress of my DSL router. I haven't touched it for a decade or
so and
On 2010-02-14 19:20, dar...@chaosreigns.com wrote:
Possibly a lack of separate SPF records for HELO and MAIL FROM if
they are the same.
On 15.02.10 13:58, Jonas Eckerman wrote:
Agreed. I think they should have separated those records.
I don't see any reason. Why should we allow someone to
Kai Schaetzl wrote:
Smfabac wrote on Mon, 15 Feb 2010 00:20:06 -0800 (PST):
So, does the documentation on sa-learn indicate that there is
a size limit on the message to be processed?
Why not check yourself?
Kai
--
Get your web at Conactive Internet Services:
Matus UHLAR - fantomas wrote:
well, the ipv6 addresses are (were?) expected to be allocated by /48
blocks, so we could need check on this level too, imho.
We got an IPv6 range allocated late last year, it is a /48 block.
/Per Jessen, Zürich
After installing the tarball manually, spamd now starts.
Leaves figuring out what is wrong with my DNS. But it's nice to have
SpamAssassin working again.
Thanks for all your help!
Regards,
Marco
--
View this message in context:
Karsten Bräckelmann-2 wrote:
;; QUESTION SECTION:
;mirrors.updates.spamassassin.org. IN TXT
;; Query time: 1 msec
;; SERVER: 10.0.0.138#53(10.0.0.138)
Maybe want to go see that server? ;)
On 15.02.10 07:04, mbeis wrote:
This is the IP adress of my DSL router. I haven't
Smfabac wrote on Mon, 15 Feb 2010 07:27:19 -0800 (PST):
The question So, does the documentation on sa-learn indicate that there is
a
size limit on the messages to be processed? is a veiled request to the SA
developers/maintainers that people may be interested in that information.
If you
Mbeis wrote on Mon, 15 Feb 2010 07:04:35 -0800 (PST):
What can I change in it to
make DNS work for spamassassin?
how should we know? Maybe it's not doing TXT field lookups or a server in
the chain doesn't do them or a firewall doesn't like that. It's best you
talk to your service provider
On 02/15, Per Jessen wrote:
Change provider. There is absolutely nothing wrong with having an
underscore in DNS records. They're used for several things - _sip and
_domainkey for instance. Also see RFC2181.
RFC 2181 section 11 does seem to agree.
However, I still haven't found evidence of
I'm about to post about MTX to the Anti-Spam Research Group's discussion
mailing list: http://asrg.sp.am/about/lists.shtml This appears to be
the best next step toward RFC.
MTX HELO - need to comment on this
On 02/15, Jonas Eckerman wrote:
* Or, make a MTX checker traverse domain from the one
On Mon, 2010-02-15 at 07:27 -0800, smfabac wrote:
I see that there is no official answer to the question. what is the message
size limit where sa-learn fails.
If you use something spamc rather than using sa_learn you can gain some
flexibility due to the places and hosts where you can run
On 02/15, Kai Schaetzl wrote:
Underscores are explicitly forbidden in internet hostnames.
That's the point. MTX records are not host names. That's why _mtx would
be good, to differentiate it. RFC 1101 section 4 includes using A records
for subnet mapping. So there appears to be no
dar...@chaosreigns.com wrote:
On 02/15, Per Jessen wrote:
I checked my bind setup too, and I have the default for check-names -
no
complaints. It is however, perhaps, worth noting that my _sip and
_domainkey names are for SRV records, not A records.
Yup, no problems with SRV records -
On 02/15, Per Jessen wrote:
Hmm, there does seem to be some minor issue with the underscore in A
records, but I still think it would be the most appropriate way to go.
Technically I agree. However, practically, I think it might be important
to go without underscores purely due to
On 15/02/2010 8:11 AM, Karsten Bräckelmann wrote:
On Fri, 2010-02-12 at 09:35 -0800, Ben DJ wrote:
I've installed,
spamassassin -V
SpamAssassin version 3.3.1-r905461
running on Perl version 5.10.0
Attempts to pull rules from updates.spamassassin.org, (1),
Matus UHLAR - fantomas wrote:
try replacing with another one for a while if it helps. Or maybe
installing
a new firmware or new DSL router could help...
Thank you Matus for your hint. I upgraded my modem with a new firmware and
now sa-update works!
Thanks everybody for your help.
On 2010-02-15 15:04, Charles Gregory wrote:
On Sun, 14 Feb 2010, Jonas Eckerman wrote:
1: The participation record is optional, so you only use it if you
want everything else to be rejected.
This is why I would support mtamark... It permits the sysadmin to
determine the default behaviour
http://www.chaosreigns.com/mtx/policy/
Be sure to check out the flow chart at the bottom. It doesn't include
delegation. Thanks to Jonas Eckerman for getting me to do it.
The SA plugin is still on http://www.chaosreigns.com/mtx/
MTX Policy enables new tests which can be used in place of
On Tue, 16 Feb 2010, Jonas Eckerman wrote:
1: The participation record is optional, so you only use it if you
want everything else to be rejected.
This is why I would support mtamark... It permits the sysadmin to
determine the default behaviour for his IP range, rather than defining a
45 matches
Mail list logo
