> -Original Message-
> From: LuKreme [mailto:krem...@kreme.com]
> Sent: Thursday, 17 December 2009 4:59 p.m.
> To: users@spamassassin.apache.org
> Subject: Re: emailreg.org - tainted white list
>
> On 16-Dec-2009, at 16:11, Michael Hutchinson wrote:
> > So far
On Dec 16, 2009, at 8:11 AM, Christian Brel wrote:
> It's also fair to say any ESP such as Return Path taking money to
> deliver mail should be optimising it {or offering advice on
> optimisation) so it does *not* score high. Otherwise what are their
> customers paying them for?
Return Path is no
On Wed, 16 Dec 2009, LuKreme wrote:
On 16-Dec-2009, at 16:11, Michael Hutchinson wrote:
So far only 1 person on this list has claimed to have been hit by Spam
that has been let through by the Habeas rules in SA.
I'm the only one? Really? That doesn’t jibe with my memory, but I'm not
scanning th
On Thu, 17 Dec 2009, Yet Another Ninja wrote:
On 12/16/2009 6:16 PM, Charles Gregory wrote:
On Wed, 16 Dec 2009, Yet Another Ninja wrote:
> blabber... checkout SVN - follow dev list... HABEAS is history...
I believe the *point* here is that HABEAS is NOT 'history' for ordinary
systems runnin
LuKreme writes:
> On 16-Dec-2009, at 16:11, Michael Hutchinson wrote:
>> So far only 1 person on this list has claimed to have been hit by Spam that
>> has been let through by the Habeas rules in SA.
>
>
> I'm the only one? Really? That doesn’t jibe with my memory, but I'm not
> scanning the e
>
> I'm the only one? Really? That doesn't jibe with my memory,
> but I'm not scanning the entire list to prove you wrong.
>
> Really?
>
> Yeah, sorry, not buying it.
>
LuKreme et al,
you were not the only one much goes under or over the radar on the
list...
re those rules, we see 2
On 16-Dec-2009, at 16:11, Michael Hutchinson wrote:
> So far only 1 person on this list has claimed to have been hit by Spam that
> has been let through by the Habeas rules in SA.
I'm the only one? Really? That doesn’t jibe with my memory, but I'm not
scanning the entire list to prove you wrong
On 12/16/2009 6:16 PM, Charles Gregory wrote:
On Wed, 16 Dec 2009, Yet Another Ninja wrote:
blabber... checkout SVN - follow dev list... HABEAS is history...
I believe the *point* here is that HABEAS is NOT 'history' for ordinary
systems running ordinary sa-update on 3.2.5.
they can adj
>
> The trouble with this is how often are these rules being re-examined
> and re-evaluated?
>
> Not that often. HABEAS has been through three iterations since those
> rules were set at −4 and −8.
>
> What is enabled by default should be the safest possible settings.
> Relying on a third party t
From: "LuKreme"
Sent: Wednesday, 2009/December/16 07:56
On 16-Dec-2009, at 08:33, Mike Cardwell wrote:
For what it's worth, I just ran sa-stats.pl against my last ten days of
logs. The only mention of habeas was:
10HABEAS_ACCREDITED_SOI 367 1.450.00 17.36
So it h
From: "Mike Cardwell"
Sent: Wednesday, 2009/December/16 07:33
On 16/12/2009 14:23, LuKreme wrote:
uses. The only thing that really matters is how effective they are. If
a blacklist blocks spammers without blocking too many legitimate mails,
use it. If a whitelist allows legitimate mail wi
From: "Res"
Sent: Wednesday, 2009/December/16 03:18
On Wed, 16 Dec 2009, Christian Brel wrote:
On Wed, 16 Dec 2009 21:10:11 +1000 (EST)
Res wrote:
On Wed, 16 Dec 2009, Per Jessen wrote:
Christian Brel wrote:
Perhaps the time has come for a fork of Spamassassin where these
commercial c
On Wed, 16 Dec 2009, Yet Another Ninja wrote:
blabber... checkout SVN - follow dev list... HABEAS is history...
I believe the *point* here is that HABEAS is NOT 'history' for ordinary
systems running ordinary sa-update on 3.2.5.
My rules (in /var/lib/spamassassin) still include the stron
On Tue, 15 Dec 2009, J.D. Falk wrote:
Which finally brings us back to the core questions which seem to go
unanswered:
They've all been answered many times, in other threads.
Perhaps I missed the messages, but it seems to me that the deep issues are
*debated* a little, but never really answere
On 16-Dec-2009, at 08:33, Mike Cardwell wrote:
> For what it's worth, I just ran sa-stats.pl against my last ten days of logs.
> The only mention of habeas was:
>
> 10HABEAS_ACCREDITED_SOI 367 1.450.00 17.36
>
> So it hit on 17.36% of my Ham, and 0% of my Spam.
With
On 16/12/2009 14:23, LuKreme wrote:
uses. The only thing that really matters is how effective they are. If
a blacklist blocks spammers without blocking too many legitimate mails,
use it. If a whitelist allows legitimate mail without sending through
too many spams, use it. Even lists that hav
On Tue, 15 Dec 2009, jdow wrote:
Three points:
1) It is known this list is read by spammers to learn what we are
doing. I've verified this with "challenge/response" tactics including
taunting more than once.
Sh! They'll hear you! :)
2) On several occasions now Richard has tried to torpedo
> Still doesn't answer my question. Perhaps I'm "dense". But to
> spell out my question more explicitly:
>
> what do you mean by "personal response spam"? Is that just
> Richard's on-list responses we've all seen? Or something
> else? (did I miss that part of the conversation?). And what
>
On Wed, 16 Dec 2009 08:39:25 -0600
"McDonald, Dan" wrote:
> On Dec 16, 2009, at 8:13 AM, "Bowie Bailey"
> wrote:
>
> > Christian Brel wrote:
> >> The point comes back to this and it has *not* been answered
> >> sensibly; WHY DOES SPAMASSASSIN DEFAULT INSTALL WITH A NEGATIVE
> >> SCORING RULE
On Dec 16, 2009, at 8:13 AM, "Bowie Bailey"
wrote:
Christian Brel wrote:
The point comes back to this and it has *not* been answered sensibly;
WHY DOES SPAMASSASSIN DEFAULT INSTALL WITH A NEGATIVE SCORING RULE
THAT
FAVOURS A COMMERCIAL BULK MAILER. Namely the negative score for
Habeas?
On 12/16/2009 3:23 PM, LuKreme wrote:
On 16-Dec-2009, at 07:12, Bowie Bailey wrote:
uses. The only thing that really matters is how effective they are. If
a blacklist blocks spammers without blocking too many legitimate mails,
use it. If a whitelist allows legitimate mail without sending thro
On 16-Dec-2009, at 07:12, Bowie Bailey wrote:
> uses. The only thing that really matters is how effective they are. If
> a blacklist blocks spammers without blocking too many legitimate mails,
> use it. If a whitelist allows legitimate mail without sending through
> too many spams, use it. Even
Christian Brel wrote:
> The point comes back to this and it has *not* been answered sensibly;
> WHY DOES SPAMASSASSIN DEFAULT INSTALL WITH A NEGATIVE SCORING RULE THAT
> FAVOURS A COMMERCIAL BULK MAILER. Namely the negative score for Habeas?
>
This point has been answered. SA ships with that r
On ons 16 dec 2009 12:10:11 CET, Res wrote
no whitelist should ever become default part of SA, the day it is,
is the day > I look elsewhere.
please post on this maillist what you do when you find replacement for sa
--
xpoint http://www.unicom.com/pw/reply-to-harmful.html
On Wed, 16 Dec 2009, Christian Brel wrote:
On Wed, 16 Dec 2009 21:10:11 +1000 (EST)
Res wrote:
On Wed, 16 Dec 2009, Per Jessen wrote:
Christian Brel wrote:
Perhaps the time has come for a fork of Spamassassin where these
commercial considerations are not so obvious?
No need for such dra
Res wrote:
> On Wed, 16 Dec 2009, Per Jessen wrote:
>
>> Christian Brel wrote:
>>
>>> Perhaps the time has come for a fork of Spamassassin where these
>>> commercial considerations are not so obvious?
>>
>> No need for such drastic measures - it's only a ruleset.
>
>
> no whitelist should ever
On Wed, 16 Dec 2009 21:10:11 +1000 (EST)
Res wrote:
> On Wed, 16 Dec 2009, Per Jessen wrote:
>
> > Christian Brel wrote:
> >
> >> Perhaps the time has come for a fork of Spamassassin where these
> >> commercial considerations are not so obvious?
> >
> > No need for such drastic measures - it's o
On Wed, 16 Dec 2009, Per Jessen wrote:
Christian Brel wrote:
Perhaps the time has come for a fork of Spamassassin where these
commercial considerations are not so obvious?
No need for such drastic measures - it's only a ruleset.
no whitelist should ever become default part of SA
the day
Christian Brel wrote:
> Perhaps the time has come for a fork of Spamassassin where these
> commercial considerations are not so obvious?
No need for such drastic measures - it's only a ruleset.
/Per Jessen, Zürich
On Tue, 15 Dec 2009 14:28:05 -0700
"J.D. Falk" wrote:
> On Dec 15, 2009, at 12:04 PM, Charles Gregory wrote:
>
> > Which finally brings us back to the core questions which seem to go
> > unanswered:
>
> They've all been answered many times, in other threads. Habeas
> wasn't involved in emailre
On Tue, 15 Dec 2009 14:11:13 -0800
"jdow" wrote:
> From: "Rob McEwen"
> Sent: Tuesday, 2009/December/15 13:13
>
>
> > jdow wrote:
> >>> jdow wrote:
> his response personal spam to this account has increased sharply
> >>> Uuh, what does that mean, exactly?
> >> A possible cause and effect
From: "J.D. Falk"
Sent: Tuesday, 2009/December/15 13:28
On Dec 15, 2009, at 12:04 PM, Charles Gregory wrote:
Which finally brings us back to the core questions which seem to go
unanswered:
They've all been answered many times, in other threads. Habeas wasn't
involved in emailreg.org, thou
From: "Rob McEwen"
Sent: Tuesday, 2009/December/15 13:13
jdow wrote:
jdow wrote:
his response personal spam to this account has increased sharply
Uuh, what does that mean, exactly?
A possible cause and effect exists. I can neither prove nor disprove
it. the fact exists.
Still doesn't ans
On Dec 15, 2009, at 12:04 PM, Charles Gregory wrote:
> Which finally brings us back to the core questions which seem to go
> unanswered:
They've all been answered many times, in other threads. Habeas wasn't involved
in emailreg.org, though. No connection at all.
--
J.D. Falk
Return Path Inc
On Tue, 15 Dec 2009, Rob McEwen wrote:
jdow wrote:
jdow wrote:
his response personal spam to this account has increased sharply
Uuh, what does that mean, exactly?
A possible cause and effect exists. I can neither prove nor disprove
it. the fact exists.
Still doesn't answer my question. Per
jdow wrote:
>> jdow wrote:
>>> his response personal spam to this account has increased sharply
>> Uuh, what does that mean, exactly?
> A possible cause and effect exists. I can neither prove nor disprove
> it. the fact exists.
Still doesn't answer my question. Perhaps I'm "dense". But to spell ou
jdow wrote:
From: "Rob McEwen"
Sent: Tuesday, 2009/December/15 11:10
jdow wrote:
his response personal spam to this account has increased sharply
Uuh, what does that mean, exactly?
A possible cause and effect exists. I can neither prove nor disprove
it. the fact exists.
Properly known
From: "Christian Brel"
Sent: Tuesday, 2009/December/15 11:54
On Tue, 15 Dec 2009 11:01:51 -0800
"jdow" wrote:
Perhaps are some kind of spammer trying to divert attention from
yourself?
I have longer bona fides on this list than I suspect you
do and my partner is a currently inactive SARE
From: "Rob McEwen"
Sent: Tuesday, 2009/December/15 11:10
jdow wrote:
his response personal spam to this account has increased sharply
Uuh, what does that mean, exactly?
A possible cause and effect exists. I can neither prove nor disprove
it. the fact exists.
{^_^}
On Tue, 15 Dec 2009 11:01:51 -0800
"jdow" wrote:
> From: "Charles Gregory"
> Sent: Monday, 2009/December/14 12:35
>
>
> > On Tue, 15 Dec 2009, Michael Hutchinson wrote:
> >> If everyone could ignore the taunting, and just carry on, there
> >> wouldn't be an issue.
> >
> > The taunting *is* the
jdow wrote:
> his response personal spam to this account has increased sharply
Uuh, what does that mean, exactly?
--
Rob McEwen
http://dnsbl.invaluement.com/
r...@invaluement.com
+1 (478) 475-9032
On Tue, 15 Dec 2009, LuKreme wrote:
On 15-Dec-2009, at 09:42, Charles Gregory wrote:
The 'issue' (as I see it) is that a great many servers install a
'standard' SA 'package' So it is important to
to make the best possible assessment of all rules...
The trouble with that is exactly wh
From: "Charles Gregory"
Sent: Monday, 2009/December/14 12:35
On Tue, 15 Dec 2009, Michael Hutchinson wrote:
If everyone could ignore the taunting, and just carry on, there wouldn't
be an issue.
The taunting *is* the issue. The rest of the arguments, about design and
defaults, are carried o
On 15-Dec-2009, at 09:42, Charles Gregory wrote:
> On Tue, 15 Dec 2009, Martin Gregorie wrote:
>> Clarification: I, for one, was only proposing that the whitelisting
>> plugins and rules that query external databases are removed from the
>> standard ruleset and sa_update and placed in a separate li
On Tue, 15 Dec 2009, Martin Gregorie wrote:
Clarification: I, for one, was only proposing that the whitelisting
plugins and rules that query external databases are removed from the
standard ruleset and sa_update and placed in a separate library of
optional rules.
The 'issue' (as I see it) is th
On Tue, 2009-12-15 at 07:29 -0600, Daniel J McDonald wrote:
> That's the issue with pulling all of the whitelists out of the scoring
> mix - the whitelist components are part of the mix that allows 5 points
> to indicate spam. And I was trying to counter the argument that we
> should simply rip th
On Mon, 2009-12-14 at 23:07 +0100, Yet Another Ninja wrote:
> On 12/14/2009 10:55 PM, Daniel J McDonald wrote:
> > I'd love to have the clamav unofficial signature families scored. I
> > have a fine guess as to how relevant they are, but it is just that - a
> > guess.
>
> someone, somewhere is
On Tue, 15 Dec 2009 00:40:44 +0100
mouss wrote:
> Bill Landry a écrit :
> > Christian Brel, AKA "rich...@buzzhost.co.uk" (among other aliases),
> > is back...
> >
> > Bill
>
>
> he switched MUA, but forgot to switch "helo" and get a different IP
> range...
>
Good work Columbo. Tell me, how mu
On Dec 14, 2009, at 1:35 PM, Charles Gregory wrote:
> I ask again, on the issue of whitelists, is there a serious issue with
> spammers targetting white-listed IP's as favored candidates for hacking?
> I'm okay with the answer being 'no'. I'm sure people with large servers and
> good statistics
Bill Landry a écrit :
> Christian Brel, AKA "rich...@buzzhost.co.uk" (among other aliases), is
> back...
>
> Bill
he switched MUA, but forgot to switch "helo" and get a different IP range...
Received-SPF: softfail (nike.apache.org: transitioning domain of
brel.spamassassin091...@copperproducti
On Mon, 14 Dec 2009, jdow wrote:
selling access to spammers, how long do you think Barracuda would stay in
business. Their customers who got the spam would move elsewhere. So I
really don't think that Barracuda is going to sell out their main business
to make $20 off of a few spammers.
Marc,
Hello,
> The taunting *is* the issue. The rest of the arguments, about design
> and
> defaults, are carried on by numerous individuals in a quite civilized
> manner. But when someone starts throwing arond stupid accusations, then
> the person attacked focuses their efforts on 'defending' themselve
On 12/14/2009 10:55 PM, Daniel J McDonald wrote:
I'd love to have the clamav unofficial signature families scored. I
have a fine guess as to how relevant they are, but it is just that - a
guess.
someone, somewhere is alreay converting ClamV signatures to HUGE (slow)
rule files, forgot where
On Mon, 2009-12-14 at 22:39 +0100, Yet Another Ninja wrote:
> your modules are all there already and much of it is already managed as
> you suggest: they're called rules.. you can even switch them on or off,
> or add your own "modules" /plugins/modules.
>
> SA provides an Open Source FRAMEWORK
On Mon, 2009-12-14 at 21:23 +, Martin Gregorie wrote:
> May I suggest that handling whitelist or blacklist rules and any
> associated plugins by packaging them as separately installable modules
> may be of benefit to SA maintainers. The idea is to reduce the SA dev
> workload by handing off res
On 12/14/2009 10:23 PM, Martin Gregorie wrote:
May I suggest that handling whitelist or blacklist rules and any
associated plugins by packaging them as separately installable modules
may be of benefit to SA maintainers. The idea is to reduce the SA dev
workload by handing off responsibility for m
May I suggest that handling whitelist or blacklist rules and any
associated plugins by packaging them as separately installable modules
may be of benefit to SA maintainers. The idea is to reduce the SA dev
workload by handing off responsibility for maintaining and bugfixing
such modules to external
On Mon, 14 Dec 2009, Bob O'Brien wrote:
I can mostly just offer opinion, and that would be that whitelisting is
not (yet) in wide enough use to have become a sufficiently attractive
target.
Which brings us back to the 'rational version' of the discussion about SA
weighing whitelists favorably
Charles Gregory wrote:
I ask again, on the issue of whitelists, is there a serious issue with
spammers targetting white-listed IP's as favored candidates for hacking?
I'm okay with the answer being 'no'. I'm sure people with large servers
and good statistics could answer this question. But I get
On Tue, 15 Dec 2009, Michael Hutchinson wrote:
If everyone could ignore the taunting, and just carry on, there wouldn't
be an issue.
The taunting *is* the issue. The rest of the arguments, about design and
defaults, are carried on by numerous individuals in a quite civilized
manner. But when
> But I will miss (a) the entertainment value of some of his posts (his
> "dark forces" one from earlier today was a classic) --AND-- last but
> not
> least--I will miss his willingness to break through the political
> correctness and bring up various points that few others were willing
> (or
>
If I ever do anything questionable, or not ethical, or even illegal, I
hope that Richard is the one to call me out on it publicly because once
he's confused issues with his personal insults and his best "Art Bell"
impression, I'll then come out smelling like a rose.
If he can ever stay banned, I w
On Mon, 14 Dec 2009 08:37:02 -0800
"jdow" wrote:
> Yup - he's a spammer.
{enter stage left the name calling}
That's what I heard about you JD, ain't that a blast! I better get my
$20 out and trot over to barracuda.spam.for.mo...@emailreg.org then, so
I can grease the wheels and make it offici
On Mon, 2009-12-14 at 16:09 +, Christian Brel wrote:
> If it's so clear cut, why is the option for the owner of the said
> Barracuda spam device *not* able to disable emailreg.org, but they
> *can* disable the Barracuda whitelist 'proper'?
Not germane to the spamassassin list. Please redirec
From: "Marc Perkel"
Sent: Monday, 2009/December/14 07:28
LuKreme wrote:
On 14-Dec-2009, at 07:59, Bill Landry wrote:
Christian Brel, AKA "rich...@buzzhost.co.uk" (among other aliases), is
back…
Ah, that explains the tone and typo pattern of that email.
While I am suspicious of emailreg.org a
-1
/dev/null? Let's see if he earns it.
{^_^}
- Original Message -
From: "Christian Brel"
To:
Sent: Monday, 2009/December/14 01:54
Subject: Re: emailreg.org - tainted white list
Last week the blackhats that make up the '$pamAssassin PMC' sought to
silence
On Mon, 14 Dec 2009 07:28:22 -0800
Marc Perkel wrote:
> If you think about it, if Barracuda, a spam filtering company,
> started selling access to spammers, how long do you think Barracuda
> would stay in business.
To quote Dean Drako of Barracuda on a 2008 visit to the UK "Just sell
them anythi
LuKreme wrote:
On 14-Dec-2009, at 07:59, Bill Landry wrote:
Christian Brel, AKA "rich...@buzzhost.co.uk" (among other aliases), is
back…
Ah, that explains the tone and typo pattern of that email.
While I am suspicious of emailreg.org and Barracuda's ties to each other
Christian Brel wrote:
Last week the blackhats that make up the '$pamAssassin PMC' sought to
silence people who object to paid whitelists appearing in the core
program which seek to give advantage to certain ESP's. vocal in the odd
behaviour of the program. Namely those listed in whitelist 'Habe
On 14-Dec-2009, at 07:59, Bill Landry wrote:
> Christian Brel, AKA "rich...@buzzhost.co.uk" (among other aliases), is
> back…
Ah, that explains the tone and typo pattern of that email.
While I am suspicious of emailreg.org and Barracuda's ties to each other I am
not moving to a shack in Montana
Christian Brel, AKA "rich...@buzzhost.co.uk" (among other aliases), is
back...
Bill
Last week the blackhats that make up the '$pamAssassin PMC' sought to
silence people who object to paid whitelists appearing in the core
program which seek to give advantage to certain ESP's. vocal in the odd
behaviour of the program. Namely those listed in whitelist 'Habeas' (a
river flowing back
72 matches
Mail list logo