[sebast...@alita:~]$ host 220.231.127.15
15.127.231.220.in-addr.arpa domain name pointer localhost.
this is your dns error, it does not make sense
You are correct, but the problem is not in Sebastian's DNS - it is in
the rDNS of the IP that contacted his MTA.
Not quite the same thing,
Generally matters like this are handled by integration tools such as
MailScanner, amavisd-new, etc, although I do not know of any that
provide comprehensive quarantine management. That said, I've never
desired such, so I've not looked at length for one. (I mostly just tag
mail, and let users
To everybody; one of the best online diagnostic tool
http://www.intodns.com/nawilliams.com
1. this tool didn't find the error mentioned, and while it's very hard to
detect this problem, posting this address here just wouldn't help.
FWIW, to find DNS inconsistencies you need a full-traversal
All *.cf files under that directory contain rule definitions.
How are their names chosen is not important. What is the point of your
question?
Matus, this particular point was just out of my curiosity, nothing more
than
that. I just wanted to understand the reason for prefixing file names
Anyway, why are *web* servers sending out mail at all?
My web servers are sending out mail all the time. From website contact
forms, Forum notifications, pothole reports to local authorities, as well
as sysadmin messages.
In fact I'd be more surprised to find web servers *not* sending out
Yes I have a reply list button, but this is the only list I'm on where
I have to use it. I have gotten into the habit of just hitting
reply. So I sometimes accidentally reply to the poster instead of the
list.
FWIW, Opera's excellent mail client sets Reply to list as the default
action
Does anyone successfully use plugin or at least rules that catch fake
URLs?
On 3/21/11 12:37 PM, Matus UHLAR - fantomas wrote:
I mean URLs pointing to different address than they appear, like:
a href=phishing.site/fake/webmailhttp://webmail.example.com//a
On 21.03.11 12:41, Michael
The default spam threshold, and the one that all of the generated scores
are targeted at, is 5.0 - you already seem to be running at an elevated
score, so I wouldn't see any issues with dropping your tag score back to
the default of 5.0
I think many people run with tag at 5.0 and discard at 10.0
As we've spoken about off-list, my boss is being very particular about
the
deployment of Bayes, and it sounds like one of his caveats is that we
don't
start from a blank database.
Starting from a blank database is quickest and safest.
If you start from someone else's database, your Bayes
I'm hope I'm asking this in the right place. I'm wanting to replace a
useless Sonicwall ES300 device so I'd like to know if SpamAssassin has
the ability to store spam and send a daily email style report to users.
That's the one major feature my people would miss. Thanks for any help.
Also, it appears to me that the ISP provider caches not any worse than
the
local server dns server would cache, so could you please explain, what
benefit caching them locally provides over using already set up DNS
server at ISP?
The caching aspect isn't particularly relevant.
The problem
I have a few messages that have been incorrectly tagged because the
sender
used their yahoo address as the sender, but used a mass mailer (
contactbeacon.com) to send their newsletter for them. Apparently this is
enough for it to hit FORGED_YAHOO_RCVD and L_UNVERIFIED_YAHOO, causing it
to be
Because of the monitoring mode, when you move to p=reject, with all the
aggregate reports, you know exactly how much mail you will loose.
Only from reports coming from DMARC-checking mail servers that also
provide reports. You may well lose other mail delivery to servers that
fail to
Yes, but you don't have to set p=reject to know how much mail you would
loose. That's what p=none monitoring mode is for.
And if you see that you will loose many mails from mailing lists, it is
not wise to change your policy to p=reject without fixing those problems
first.
It's not only
I’ve be using spamassasin for a number of years with excellent results.
I recently updated my SA version to 3.4.0_13 and found that it caught
much more than it had been. It’s not enough to run sa-update, you need
to keep the install version up to date as well.
Just updated SA to 3.4.0 on
Oh dear.
Please could you keep your arguments and name-calling off-list? It's not
nice seeing people being so unpleasant.
Thanks!
Anthony
--
www.fonant.com - Quality web sites
Tel. 01903 867 810
Fonant Ltd is registered in England and Wales, company No. 7006596
Registered office: Amelia
ok..
now here's a suprise (it's all in the code :)
the Bayes.pm plugin alreafy includes:
snip
# Spamfilter/virus-scanner headers: too easy to chain from
# these
|X-MailScanner(?:-SpamCheck)?
For some time now MailScanner has recommended that users modify the
A yum update -y reboot
Nice downgrade of SA to spamassassin.x86_64 0:3.3.1-4.el5 :(
ok.. not so tragic... Old centos, old SA version - form now on no more
SA setup from yum
You can use yum to install SA from the Fedora project, if you use Copr:
As Alex has said there's a need for mirrors etc. - that could
potentially be the biggest impact on volunteers (assuming they offer to
help with that aspect) since they will be a more public facing
contribution and it would be great if it didn't spend more time offline
than online.
What
How about you take your own advice. On any of my lists that diatribe
would get you banned no questions asked.
I'm always amused by the abusive language people sometimes use on this
list.
Bad language, and personal attacks, reveal a lot more about the person
doing the writing than the
> I find it very tiresome reading your responses Reindl, you are
> consistently rude to people. I understand you may have a deeper
> knowledge of these things but there's no need to swear at everybody who
> posts a question.
I quite agree.
I'm sure Reindl/Harald is a very nice person in real
>> I don't suppose you can list the offending IP addresses?
>>
>> Or partially-obfuscated IP addresses?
>
> While I think it might be helpful to the administrators, I thought it
> might cross the line into publicly shaming people so I can't.
Understood.
Although perhaps listing them with just
> The Top 14 abusers account for nearly 30% of our update based on
> sampling one mirror for people downloading the files.
I don't suppose you can list the offending IP addresses?
Or partially-obfuscated IP addresses?
Anthony
--
www.fonant.com - Quality web sites
Tel. 01903 867 810
Fonant Ltd
> Ok we both subscribed to the list, but
> the GDPR gives us the right to be forgotten, for example. Now suppose
> you unsubscribe. You find out that your e-mails are archived on various
> sites other than SA. You send an e-mail to SA's or Apache's postmaster
> exerting your rights and demanding
> Meanwhile - adding URI lookups (for URIs in the body of the domains)
> and/or the option to add 3rd party URI list lookups - is STILL is
> missing from MANY widely used anti-spam systems.
If you mean following URLs in messages, you do need to be aware that
this can break one-time login links.
Yes, following links in email messages breaks "one-time login" links for things
like forgotten password messages. If the mail scanning requests the link then
the human recipient can't.
I've seen this problem, and it took a while to work out what was going on...
On 27 December 2017 18:33:21
Just a quick note:
the KAM_LABEL2 rule hits false positives, thanks to it looking for "PPE"
in subject and text case-insensitively and without boundary specifications.
This means that it hits "happening", so mail asking "what's happening
this week" in Subject and Body triggers the rule.
Anthony
> > X-PHP-Originating-Script: 48:class.phpmailer.php
>
> Yes, that's saying that the mail was sent from a call in
class.mailer.php (I think on line 48).
> PhpMailer is a very common email construction and sending tool.
Argh... 48 is the UID of the process. RedHat linux types often have apache
> > The originating PHP script header helps people who run shared servers
track down the source of problematic mail. The two most common cases are:
>
> Does this look valid?
>
> X-PHP-Originating-Script: 48:class.phpmailer.php
Yes, that's saying that the mail was sent from a call in
> Is it so that the list of rules only show rules that contribute to the
score?
Yes, only rules that contributed to the spam score are listed.
> What do you mean by a rule did not match?
SpamAssassin has hundreds/thousands of rules, each one looking at some
aspect of the email message. If the
30 matches
Mail list logo
