m rule if
they don't like how that particular rule works.
See:
https://cwiki.apache.org/confluence/display/SPAMASSASSIN/WhereDoLocalSettingsGo
Once all the rules are read and parsed spamassassin has an internal order to how
specific rules get run.
--
Dave Funk Univ
e creator of a given
signature is.
There's nothing to prevent each system in the SMTP hand-off chain from adding
their own signature, provided they do nothing to invalidate earlier signatures.
More than two is unusual/overkill, but it's not uncommon to see two.
--
Dave Funk
er in other rules to add points for
various kinds of things detected or "meta"ed with other rules.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-05491256 Seamans Center, 103 S Capitol St.
Sys_admin/Post
in "clamav.pm"
#
full L_CLAMAV eval:check_clamav()
describe L_CLAMAV Clam AntiVirus detected a virus
score L_CLAMAV 5
#
header T__MY_CLAMAV X-Spam-Virus =~ /Yes/i
header T__MY_CLAMAV_SANE X-Spam-Virus =~ /Yes.{1,50}Sanesecurity/i
#
--
Dave Funk
s if the tests are still run, and it's just the score is
artificially offset based on which setting is used.
I'm wanting to not run RBL tests for the specific recipient email address.
--
Grant. . . .
unix || die
--
Dave Funk University of Io
egardless of how high the SA score is. (needed for "postmaster"
messages).
What version of sendmail are you using?
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-05491256 Seamans Center, 103 S Capitol St.
Sys_
me special status/command that spamd returns to the milter for this
kind of modification? If so the milters may need to be recoded to implement it.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-05491256 Seamans Cen
:
ls -la /var/spamassassin/bayesdb/bayes*
(taken from the bayes_path parameter) should get you what you want.
even better:
ls -la /var/spamassassin/bayesdb/
(to see if there's any leftover lock files in that directory)
--
Dave Funk University of Iowa
Co
As the header would have at least 6 characters but less than 150 I then tried:
header L_MY_HEADER X-My-Header =~ /^.{5,200}/
Which would fire only once, even if there were 5 or more instances of the
header.
What am I doing wrong? How should I craft a rule to count the number of
instances of that h
mework
to take what ever kinds of actions you want based on what components 'fired'.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-05491256 Seamans Center, 103 S Capitol St.
Sys_admin/Postmaster/cell_admin
bly better to use a whole different tool that comes with that kind of
capability built-in (EG ClamAV).
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-05491256 Seamans Center, 103 S Capitol St.
Sys_admin/Postmaster/cel
0
Jun 26 09:26 spamass.sock
>
> or
>
> srw-rw 1 spamass-milter spamass-milter 0 Jun 26 09:26
spamass.sock
>
>/etc/group
> spamass-milter:x:128:postfix
>
> thanks for any help
--
Dave Funk
quot; plugin with extra
rules and heuristics/algorithms enabled.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-05491256 Seamans Center, 103 S Capitol St.
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
massassin -D" does not give any clues what's going
wrong.
Any suggestions about how to debug this?
Thanks,
Dave
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-05491256 Seamans Center, 103 S Capito
Henrik K wrote:
How about upgrading to latest 3.4.6?
This release includes fixes for the following:
- Fixed URIDNSBL not triggering meta rules
On Mon, Jul 19, 2021 at 01:42:51AM -0500, Dave Funk wrote:
I recently updated from SA 3.4.1 to 3.4.5 and noticed that a number of my
"meta" rul
spamass-milter
specifically because of this issue.
Writing a milter that directly talks the spamd protocol via a socket (local or
network) is more work but safer and more efficient.
(been there, done that, got the code to prove it).
--
Dave Funk University of Iowa
ains: value: avg.com
So why is SA 3.4.6 much less sensitive about picking up hosts in URLs?
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-05491256 Seamans Center, 103 S Capitol St.
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include
Better is not better, 'standard' is better. B{
8.1.30]" is the representation of IPv4: 193.168.1.30
which is a Public IP address, thus that 'hit' is in error.
This should be considered a parsing bug.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-05491256 Se
but meta
with other things such as Bayes to jack up the score.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-05491256 Seamans Center, 103 S Capitol St.
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242
md"
IE the '--helper-home-dir' option needs an '=' with no spaces, or use the -H
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-05491256 Seamans Center, 103 S Capitol St.
Sys_admin/Postmaster/cell
ter -i 127.0.0.1 -4"
Add the option "-D 127.0.0.1" in that spamass-milter OPTIONS.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-05491256 Seamans Center, 103 S Capitol St.
Sys_admin/Postmaster/cell
In SA 3.4.1 the host value of From:addr was automagically added to the URIHOSTS
list and thus exposed to URIBL lookups.
SA 3.4.6 does not do that. Is there a configuration option to reactivate that
feature?
Thanks,
Dave
--
Dave Funk University of Iowa
secretadultnightclub.page.link but not
just page.link
Think of it like you would link shortner URLs (EG bit.ly).
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-05491256 Seamans Center, 103 S Capitol St.
Sys_admin/Postmaster/cell_admin
o do it just for your own messages then some kind of custom
delivery filter (EG procmail) would be the way to go.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-05491256 Seamans Center, 103 S Capitol St.
Sys_admin/Postm
header data and match if there's none
of Subject, From, To, Reply-To entries.
IE a really malformed message.
Dave
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-05491256 Seamans Center, 103
this an issue with the DecodeShortURLs plugin or with SA?
Where would I find the most recent version of DecodeShortURLs plugin?
Thanks,
Dave
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-05491256 Seamans Center, 103 S
'PayPaI' to try to fool people.
I've also seen attempts using European character sets with letters that look
like O or e to fake common domain names.
I've hand coded rules to check for this stuff when frequently abused but I don't
know of a programmatic algorithm to do it a
iguration to run that milter
before the spamassassin 'glue' milter. Milter results are chained so any headers
explicitly added by one milter are passed on to succeeding milters.
If those headers are being generated by the MTA then it may not be possible for
milters to see the
ew database should be too empty for SA to be willing to
use it.
So if you -are- getting Bayes scores then that indicates that SA is using some
database other than what you think it has.
Now start manually training more messages (spam & ham). When you hit the 200
count threashold Bayes score
ing messages to figure out the problem ?
Thanks
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-05491256 Seamans Center, 103 S Capitol St.
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include
Better is not better, 'standard' is better. B{
SIGNED=0.1, DKIM_INVALID=0.1
So eventho you think 'passed DKIM' SA clearly does NOT think it does. That
DKIM_INVALID will prevent the whitelist_auth from firing, thus you need to
investigate what's going wrong there.
--
Dave Funk Universit
documentation for confFROM_HEADER is a somewhat cryptic:
https://www.sendmail.org/~ca/email/doc8.12/cf/m4/tweaking_config.html#confFROM_HEADER
I'd rather it say instead, or reject it entirely.
Thanks,
Kirk
--
Dave Funk University of Iowa
College of Engine
m.eml"
Then:
if (spamc -c < spam.eml ) ; then
echo "is ham"
else
echo "is spam"
fi
will execute the 'echo "is spam"' clause
and if you feed it the ham.eml will execute the 'echo "is ham"'
VICTIM
describe CT_GOD_BENEFICIARY God and Beneficiary
score CT_GOD_BENEFICIARY 4
meta CT_GOD_BEGGER__CT_GOD && __CT_BEGGER
describe CT_GOD_BEGGERBegging in Religious Language
score CT_GOD_BEGGER3
--
Dave Funk
they'll never even see it
to try pounding on it.
To provide fault tolerance, you can set up rbldnsd's on multiple
machines and put multiple addresses in that 'forwarders' stanza.
You will need to put that zone definition in your primary bind and
each secondary.
--
Dave Funk
e 132983 hits on the combo of DKIM_SIGNED MAILTO_LINK
RDNS_DYNAMIC
but only 59189 hits on DKIM_SIGNED by itself?
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/ce
a Bayes that is mostly fed via auto-learning. I occasionally
hand feed corner cases that get mis-classified (usually things like phishes, or
conference announcments that can look shakey).
--
Dave Funk University of Iowa
College of Engineering
319/335-5751
.
Look up enlist_uri_host in your SA Conf documentation.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_adminIowa City, IA 52242-1527
#include
Better is
he hard way by doing mime-checks on webservers
+1 for this, similar experience here.
I've seen "application/octet-stream" typing on ".htm" components of mail
messages created by major brand e-mail clients. The lazy authors assume
that the correct file ex
le relay lines
2.0 XPRIO Has X-Priority header
Notice that none of the other body tags are triggered.
Thanks,
Shivram
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_ad
in my generation of the
RFC 2822. I did not change it as
spamassassin did not assign a score.
2) I have set a threshold of -10 to see how spamassassin assigns a score for every mail.
On Mon, May 30, 2016 at 8:25 PM, Dave Funk wrote:
That message is either a fabrication or something f
0000111
001
So it works.
It's a single data byte but since the display field is a two byte
object, where within that two byte object does that single byte show up?
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384
B_PLL __B_PLL
describe B_PLL Body: Paragraph Length Limit
score B_PLL 1.0
I would be most grateful if you could spot the but in the above rule.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384
ch.
I once wrote a rule to detect such obfuscation but it had too many FPs.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_adminIowa City, IA 5
RBLs here, including some that I use at the SMTP level to
out-right block incoming traffic (such as cbl.abuseat.org , Spamhaus PBL,
SBL).
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
dicators) but the
other components of that message (such as that '.vn.local' message ID)
would be learned as spam signs.
This is why you MUST also train your Bayes with HAM messages (and train
them with the --ham flag) so Bayes knows how to recognise 'hammy' or
'neutral&#x
otentially with the "want recursion" bit set) and then doing the work of
chasing down all the different stake-holders necessary to answer the
question (performing the recursive query)
VS handing the query off to a 3'rd party and letting them do the
pient & creator).
And then there's the case where somebody forwards to you a reply that they
got so you get a message "Re: blah de blah (fwd)"
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-05
g for trouble.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_adminIowa City, IA 52242-1527
#include
Better is not better, 'standard' is better. B{
y of users' mail to O-365 so
this is a battle I'm fighting now).
Bottom line, in this brave new world address based auth(n/z) decisions are
going to be increasingly problematic and an increasing reliance on things
such as digital signatures.
Dave
--
Dave Funk
connectivity).
spamassassin.apache.org has an A record (IE an IPv4 address) but no
record (IE no IPv6 address).
For some reason when you set that "options inet6" your system is not
willing to fall back to IPv4 mode (or a bug is preventing it).
That&#x
ernal service (EG DCC), database access, etc.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_adminIowa City, IA 52242-1527
#include
Better is not b
changes) and then test to see if the whitelist works.
If it does then there's an issue with your per-user prefs, if not then
there's an issue with the white-listing itself.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751
reject the message, etc).
So the SA header operations (which are written to std-out of SA) do
not have any direct effect on the message as passed thru sendmail.
That is entirely the function of the milter.
You need to look at the documentation (or source code) of the milter
to se
On Sun, 2 Jan 2011, Jack L. Stone wrote:
At 04:23 PM 1.2.2011 -0600, Dave Funk wrote:
On Sun, 2 Jan 2011, Jack L. Stone wrote:
Sorry to have to return to the trough so soon, but still dealing with
issues since recent upgrade of SA. Downgraded but no help there either, so
went back to latest
r", "smfi_chgheader", or "smfi_insheader" with one of the
arguments (2nd or 3rd) being the name of the header in question. Either
comment out that line of code or look for some option mechanism to
control it.
Given that SnertSoft sells that code and has a year's
d ask about disabling all network tests which would imply
that he had some reason to suspect the latter.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin
90.49
49.190.44.202.in-addr.arpa domain name pointer
202.44.190.49.static.nexnet.net.au.
afnsecurity.com != 202.44.190.61.static.nexnet.net.au
Thus the claim that you are an imposterer
any chance you can get your ISP to fix that DNS reverse map and those SPF
records?
--
Dave Funk
The SaneSecurity sigs are good but have too high a FP rate for me
to feel comfortable running them as a SMTP reject process. I'm
quite happy to run them as a part of SA where Bayes, white-lists,
score adjustments, etc can ameliorate damage from FPs.
--
Dave Funk
ves me the best
of both worlds.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_adminIowa City, IA 52242-1527
#include
Better is not better, '
our domain name in the From and combined
that with SPF_FAIL in a meta that really whacks the score.
IE, in general it's not safe to use SPF_FAIL as a one-shot-kill but
when restricted to our domain I can trust it.
--
Dave Funk University of Iowa
Coll
milters not
doing that correctly/completely (EG leaving off things such as
authentication bits). In particular if you add custom headers to your
sendmail config, you must customize your milter to match. This probably
means getting the source code for the milter and doing it yourself.
--
D
\w') rather than
the generic wild-card match character ('.') you avoid back-tracking of the
pattern-match engine (as well as putting a fixed size bounding on it).
This tactic does need to be used with caution to avoid FPs. The greater
the usage of non-fixed pattern matches, the large
text edit substition). Doesn't require
any addtional lines in your config files, score added is infinitesimal
but does show up in score report.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seam
lace but your
sa-update is putting the rules that it fetches in the more standard place
and so your spamassassin never finds them.
You need to make sure that spamassassin & sa-update agree upon the dirs to
use for rules. You can either install matching kits or use command line
switches to tell
oking rDNS
0.7 KHOP_DYNAMIC Relay looks like a dynamic address
0.0 HELO_MISC_IP Looking for more Dynamic IP Relays
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sy
o wait a minute. ;(
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_adminIowa City, IA 52242-1527
#include
Better is not better, 'standard' is better. B{
aw & rendered message.
If there was some easy way to extract those numbers, calculate the
ratio, and make it available to the rules processor, then a score could be
generated at very little cost.
--
Dave Funk University of Iowa
College of Engineering
319/33
loading
Mail::SpamAssassin::Plugin::DNSEval from @INC
[snip ...]
If you don't see those 'plugin: loading' lines for SPF & DKIM, then
there's your problem. Either they're not installed on your system in a
way that SA can find them, wrong verions, or not inv
' it makes no difference
in the output.
This is SA 3.3.1
So what should I use, I just want the report & any additional headers
that SA added to the message, I don't want the body back.
--
Dave Funk University of Iowa
College of Engineerin
u'd then need to use something else to
do the deletion/move. (procmail?)
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_adminIowa City, IA
cement request. I tried creating a
rule that looked for that sort of crap but there's legit mail that
does it too.
[3] Damn people who insist that HTML should be acceptable everwhere.
I tried creating rules that blacklist email containing javascript
but there's le
wide bayes with auto-learning and occasional hand
training. Maybe not optimal but still worth doing and doesn't need much
attention. Over the past 9 years I've had to discard my Bayes database and
start from fresh (due to going totally off the rails) -once-.
--
Dave Funk
e may explain why you wern't finding
what you expected.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_adminIowa City, IA 52242-1527
#include
confMILTER_MACROS_ENVRCPT', `b, r, v, Z, {greylist}')dnl
IE you want only ONE of each of those "define(`confMILTER_MACROS_*',..."
kind of statements.
If your different milters want different sets of parameters you need to
make a compilation of parameters for each kind of st
rust. (kinda like setting your trusted networks in SA).
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_adminIowa City, IA 52242-1527
#include
Better is no
as it enters your system -before-
you feed it to SA to see what headers the message already has?
There may be some up-stream system that is doing SA processing on your
mail. If so, you either need to get them to not do that, not run your own
SA & be willing
w rate you may want to keep multiple spamd
children around. Each child uses up memory but multiple children help
thruput during bursts of incoming messages.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549
y the DNSBL checks eventho the bad-boy servers aren't
directly handing your server messages. (this depends upon having
"trusted_networks" configured correctly).
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384
recognition of contributions is a major psychological
component of why people go to this kind of effort.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin
--pidfile=/var/run/spamd.pid --max-children=10
--max-spare=5
EXIM 4.76
Shared server:
Linux version 2.6.32-20120131.55.1.zzz.x86_64 (machbu...@build6.hoster.com)
(gcc version 4.4.6 20110731 (Red Hat 4.4.6-3) (GCC) ) #1 SMP Tue Jan 31
15:43:27 EST 2012
--
Dave Funk
_DNSWL_MED examines "firstuntrusted" and if he trusts
his MX/relays correctly then this shouldn't be happening.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Po
nt to
discussing added bells-and-whisles.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_adminIowa City, IA 52242-1527
#include
Better is not better, 'standard' is better. B{
n --test-mode < /spamemails/singleemail.spam
where singleemail.spam contains a single spam email.
Regards,
-Sean.
--
View this message in context:
http://spamassassin.1065346.n5.nabble.com/Spamassassin-not-parsing-email-messages-tp102770p102782.html
Sent from the SpamAssassin - Users mail
n list.
Poor sucker.
It's a compromised Yahoo! account. One of the #1 spamming issues right now for
us.
Regards,
KAM
Not only a compromised Yahoo! account but also a compromised website so
listing the URLs in some kind of RBL will be probelmatic for FPs.
--
Dave Funk
mized version of
miltrassassin which speaks the 'SPAMC' network protocol directly to spamd,
no use of the "spamc" client program at all.
There are some milters that don't even use spamd, they directly
instantiate the spamassassin engine wit
it to copy your IMAP spam/ham folders to local (on your SA server)
'mbox' format folders and then learn from them.
Dave
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Po
ty L_UI_PHISHs
#
meta MY_CLAMAV_SANE (L_CLAMAV && T__MY_CLAMAV_SANE)
meta MY_CLAMAV_MSRBL (L_CLAMAV && T__MY_CLAMAV_MSRBL)
[snip..]
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549
e.pw
specialzland.pw
specialztoday.pw
successtopdeals.pw
superbtopdeals.pw
supertopdeals.pw
usdirects1.pw
vision-virtualhosting12.pw
vision-virtualhosting14.pw
visionsvirtualwebhost2.pw
zbidnow.pw
avanheertyu.pw
getsuperiordeal.pw
sleeplessdaysnow.pw
gwampuer.pw
treelendnews.pw
getmatchedn
Donesh,
Thanks for your prompt response.
Do you just want the domain names or do you also want copies of the spam?
Dave
On Sun, 5 May 2013, doneshlaher wrote:
Hello Dave Funk,
Thank you for providing us with the list of domain names. We are acting on
them and will be taken down within 24/48
was about 6-7 times as fast on random reads as Berkeley DB.
If CDB is read-only, how do you store the a-time values on lookups so you
know which tokens aren't being used to facilitate expiry?
--
Dave Funk University of Iowa
College of Engineering
31
A scanner machine (are you
running a local caching DNS server? Are you using some explicit DNS
forwarder? Does your ISP do anything special with DNS queries? ...
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549
ack) but
it still simplifies configuration. (allow all queries on lo0 and
selected queries on eth*).
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_adminIowa
("/nonexistent/") it's something that you need
to explicitly create and change your configuration to point to.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/P
100) to make them balance out each other.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_adminIowa City, IA 52242-1527
#include
Better is not better, 'standard' is better. B{
File system permissions issues? Are the new rules files readable by the
"exim" user?
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin
rdin KA7OHZhttp://www.impsec.org/~jhardin/
jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
---
WSJ on the Fi
to hostmas...@ngdc.net and ask them to fix that.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_adminIowa City, IA 52242-1527
#include
Better is
the MiB who snoop all incoming & outgoing
emails (would perplex the c**p outta them, they'd assue he was
up to something ;).
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
e SPF or DKIM, create a whitelist_auth entry for them
then either black list them or create rules to hit on any sign of the
comnpany's messages. The whitelist_auth will override any rules so real
messages will get thru and the blacklist/targeted rules will hit the
1 - 100 of 152 matches
Mail list logo
