On Tue, 2009-05-26 at 10:20 +0200, Matus UHLAR - fantomas wrote:
Well, first issue was only to compare file extension to provided mime type,
so it would hit .gif file of type image/jpeg
or do we need a FileType plugin?
On 26.05.09 11:23, Martin Gregorie wrote:
Yes - comparing MIME
just SHOULD read the docs.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
He who laughs last thinks slowest.
domain to send spam from.
Just forget that kind of spam filtering. Properly configured spamassassin
can catch spam much mre effectively.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu
considered if anyone
(including SA) wants to use their blacklist...
However the emailreg.org was mentioned here already, iirc.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem
to
the web/ftp(/gopher)?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Two words: Windows survives. - Craig Mundie, Microsoft senior strategist
[**SPAM**] to the email,
Why do you resend spam to ML users? Either filter it copmpletely, or don't
mess with it. If you need filtering, X-Spam-* headers should do the job. And
if you don't want to resend spam, moderate suspicious mail.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http
puffin.net\software\spam\samples\0005_body.txt could not be found. Please
check the name and try again.
Did nobody ever told you that URL directories are separated by slashes, not
backslashes?
Or is this a part of the obfuscation schema?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http
, not SA. And I'm not sure if the hostname is used by any
checks that would cause positive (oor lower negative) score.
Maybe SPF, I expect someone to comment on this...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising
are unavailable the spam is just sent through! I want it to
queue in that case. The machines will come back online and then drain
the mail queue.
I don't like this behaviour too, there's bug Bug 5359 about this.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I
Matus UHLAR - fantomas wrote:
181.188.252.222.in-addr.arpa domain name pointer localhost.
That is why FcRDNS is being used everywhere...
localhost has address 127.0.0.1 = fail.
On 03.06.09 19:31, Adam Katz wrote:
Actually, localhost doesn't resolve via DNS; it has no A record, nor
On 3-Jun-2009, at 14:02, Jari Fredriksson wrote:
`ip` varchar(10) NOT NULL DEFAULT '',
On 03.06.09 17:48, LuKreme wrote:
10?
7 could be enough for now, afaik AWL only stores /16 prefix...
PostgreSQL has a IPv4 type btw
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk
show me the way for from where can I find
out this informations.
are you sure using custom rules isn't enough for you?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem
that a server is a backup. You already know what your backup is
called, and presumably you control your mx settings.
Well, he may have many domeins, some out of his control, and some may have
different backup MX servers...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk
that it did not work. The mail
came through mx2.zoneedit.com
Maybe the plugin was unable to find out the destination domain. Can you try
inserting X-Envelope-To: or Delivered-To: header with the envelope recipient
to the mail?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk
On 04.06.09 18:04, Steven W. Orr wrote:
The following file came in and we can see that it did not work. The
mail came through mx2.zoneedit.com
On Fri, 5 Jun 2009 16:31:05 +0200
Matus UHLAR - fantomas uh...@fantomas.sk wrote:
Maybe the plugin was unable to find out the destination
On 05.06.09 23:55, mouss wrote:
localhost.netoyen.net has address 127.0.0.1
Actually, I think this is not good. localhost. should resolve, but putting
localhost to other domains even with 127.0.0.1 address is something that
should be imho avoided ;)
--
Matus UHLAR - fantomas, uh...@fantomas.sk
Matus UHLAR - fantomas wrote:
Actually, I think this is not good. localhost. should resolve, but
putting localhost to other domains even with 127.0.0.1 address is
something that should be imho avoided ;)
On 06.06.09 11:28, Bob Proulx wrote:
I think it is okay and normal to have localhost
Matus UHLAR - fantomas a écrit :
Actually, I think this is not good. localhost. should resolve, but
putting localhost to other domains even with 127.0.0.1 address is
something that should be imho avoided ;)
On 06.06.09 20:39, mouss wrote:
why? if it's because of xss and the like
-check, that Botnet catches all of those.
Well, this is catched by RCVD_HELO_IP_MISMATCH with quite high score.
(And, the SMTP connection MUST NOT be rejected (only) because of this
mismatch, we talked about this already)
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning
from authenticated users.
Actually, such mail _should_ be scanned, for cases when they start spreading
spam.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT
On Mon, 2009-06-08 at 11:59 +0200, Matus UHLAR - fantomas wrote:
On Mon, 2009-06-08 at 10:14 +0530, Anshul Chauhan wrote:
I can't use RBL because most of my users use datacards their ip
addresses are listed in RBL in SBL XBL SPAMCOP.
On 08.06.09 11:56, Karsten Bräckelmann wrote
?
- do you have perl installed from the distribution?
- don't you have incorrectly set environment variable PERL5LIB set somewhere
in startup/config files?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address
!
And, of course, such questions belong more to your packaging systems'
mailing list, not here...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu
are the sources, not victims).
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
One World. One Web. One Program. - Microsoft promotional advertisement
Ein
On 08.06.09 15:41, Arvid Picciani wrote:
i'm getting _massive_ amounts of backscatter and some of the
offenders are listed in dnswl.org.
is there anything i can do about that?
Matus UHLAR - fantomas schrieb:
ask for DNSWL delisting, if the backscatters are generated by dnswl hosts
On Mon, 2009-06-08 at 14:01 +0200, Matus UHLAR - fantomas wrote:
On 08.06.09 12:21, Karsten Bräckelmann wrote:
By authenticated users? So that's no bot spam, and the user spams
deliberately and consciously...
says who? Afaik spamware often uses outlook's SMTP engine, so it's quite
On 08.06.09 12:21, Karsten Bräckelmann wrote:
By authenticated users? So that's no bot spam, and the user spams
deliberately and consciously...
On Mon, 2009-06-08 at 14:01 +0200, Matus UHLAR - fantomas wrote:
says who? Afaik spamware often uses outlook's SMTP engine, so it's
quite common
?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I feel like I'm diagonally parked in a parallel universe.
On 09.06.09 12:09, Anshul Chauhan wrote:
Thanks a lot all of you for your help.
Please help with this how can i do this
* smtp-auth mails do not scan for spam at all*
can somebody please guide me for this.
On Tue, Jun 9, 2009 at 1:02 PM, Matus UHLAR - fantomas
uh
On Tue, 9 Jun 2009, Matus UHLAR - fantomas wrote:
I believe his request for stats is a polite way of disagreeing with your
statement that bots 'often' use Outlook SMTP Auth.
OK, to be more accurate: times change, and maybe currently it's not that
common to use outlook's (or whatever's
useless :)
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Linux - It's now safe to turn on your computer.
Linux - Teraz mozete pocitac bez
to illustrate a point that removing
and resigning a message on a mailing list probably is not a big deal.
I think it is sometimes very good to know that the mail sent to the list was
really sent by the person in From: address.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I
On Mon, 15 Jun 2009 09:29:13 +0200
Matus UHLAR - fantomas uh...@fantomas.sk wrote:
On Sun, 14 Jun 2009 13:20:21 +0200
mouss mo...@ml.netoyen.net wrote:
I am not as convinced as you:
- this modifies the body, thus breaking signatures. when mail gets
back to the same
the data phase. After the data phase,
virus and spam filters may look at the message as well as the MTA checking
the subject or the body.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto
character.
/(.+)spam sample(.+)/ will match exactly the same, but the match will be
slower since the (.+) will need to compare all text before/after the spam
sample and store them both to capture buffers.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish
?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
It's now safe to throw off your computer.
UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Saving Private Ryan...
Private Ryan exists. Overwrite? (Y/N)
news.
If it is confirmed it wil indeed be sad times, SORBS catches the most of
the crap that comes in here
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT
RCVD_IN_SORBS_SMTP 0 # n=0 n=1 n=2 n=3
50_scores.cf:score RCVD_IN_SORBS_SOCKS 0 0.182 0 0.801 # n=0 n=2
50_scores.cf:score RCVD_IN_SORBS_WEB 0 1.117 0 0.619 # n=0 n=2
50_scores.cf:score RCVD_IN_SORBS_ZOMBIE 0 # n=0 n=1 n=2 n=3
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk
(the one that charged a delisting
fee) is not used.
I know. It's neither in dnsbl.sorbs.net agregate zone for some time.
It was apparently removed indirectly because of the $50 delisting fee.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e
(and it wasn't due to spam).
Got more info?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Atheism is a non-prophet organization.
host (taken from Received:
line put by last internal host)
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
The early bird may get the worm
as a blacklist - nobody with half a
brain would block email just because of RFC ignorance on the part of
the sender.
Why not? I do that and intentionally - I don't like receiving spam from
companies that don't accept complaints...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk
(as noted, it's *far* from finished), but I am using
set_rendered method as in the example, so it should work. ;-)
great!
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu
Matus UHLAR - fantomas wrote:
On Wed, June 24, 2009 13:59, Per Jessen wrote:
3) I wouldn't refer to rfc-ignorant as a blacklist - nobody with half
a brain would block email just because of RFC ignorance on the part
of the sender.
Why not? I do that and intentionally - I don't
On 25.06.09 12:38, Yet Another Ninja wrote:
Could this thread be moved to spam-l ?
Seems it has little to do with SA
spam-l was closed iirc ;-)
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie
is actually 5.5... yes, older than 5.6
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
BSE = Mad Cow Desease ... BSA = Mad Software
Matus UHLAR - fantomas wrote:
I'm currently working on a modular plugin for extracting text and add
it to SA message parts.
if possible, extract images too, so the fuzzyocr and similar plugins would
be able to look at that too.
You meen extract images and add them as parts
in such case shares the rick of blacklisting in case of real spam
outbreak.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
- Have you got
. In some cases you can force the mail containing and
attachment to be refused, but you should better search for an solution like
amavis...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu
UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Micro$oft random number generator: 0, 0, 0, 4.33e+67, 0, 0, 0...
the RulesDuJour script?
The SARE rules aren't being updated for longer time, see
http://www.rulesemporium.com/
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek
is. 69.43.203.202 is apparently in her
internal_networks because 174.146.118.224 is listed in the PBL which is
checked only on internal network boundary...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie
by the installer.
... and after first sa-update, it won't get used even.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
One World. One Web
others are receiving mail from. That means, rbl checks can
help you catch spam others are (unintentionally) forwarding to you.
I object against disabling RBL checks in SA ...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising
On 30.06.09 07:06, rich...@buzzhost.co.uk wrote:
Are you saying that ZEN caught it after SA processed it? Why are
you not using ZEN in SA or at the SMTP stage?
On Tue, 30 Jun 2009 09:10:36 +0200
Matus UHLAR - fantomas uh...@fantomas.sk wrote:
She apparently does not have control over
On Wed, 2009-07-01 at 10:27 +0200, Matus UHLAR - fantomas wrote:
Note that rbl checks do not only control the IP you are receiving mail from,
but also an IP others are receiving mail from. That means, rbl checks can
help you catch spam others are (unintentionally) forwarding to you
is in blacklist, it
only will add more points to catch the spam. Very effective in cases of
low-scoring spam.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu
leads back to my original question,
Will the developers issue an sa-update to remove the sorbs test
if sorbs is not kept alive?
I think the answer is YES since they did that for other obsolete nework
lists...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish
N G W H A T I **ACTUALLY** S A I D no, that's easy.
Most kids learn it at school.
actually, they learn to read what the others _wrote_.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto
in
rule subdirectories.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Eagles may soar, but weasels don't get sucked into jet engines.
complaints of
non-working unsubscribing...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
If Barbie is so popular, why do you have to buy
?
I really can't figure it out! (They have full names/addresses) and hit
the 'RCVD_IN_BSP_TRUSTED -4.30' rule.
But the mails look obviously like spam to me.
they seem not to mail random addresses but googling revealed complaints of
non-working unsubscribing...
--
Matus UHLAR
just like everyone else that is getting spammed?
what will that proove? That they actually did send the email? If you know
you are on the list, how can you detect if that is _unsolicited_ email?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e
that learning.
I don't think so. Teaching BAYES is a good way to hint AWL which way should
it push scores. By ignoring bayes, you could move much spam the ham-way
since much of spam isn't catched by other scores than BAYES, and vice versa.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http
/
score LOCAL_RECVD_TP 3.6
describe LOCAL_RECVD_TP Recvd from botnet
technically correct, but did you report that spam to t-p.com and xm-rz.net
before de facto blacklisting the company?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish
(0x9cbdaec)
implements 'check_main', priority 0
you don't have bayes DB, why do you know it should be flagged?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek
?
127.0.0.1 is in trusted_networks by default. The mail didn't hit ALL_TRUSTED
in your spamassassin, only in MailCleaner on sending network.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto
bayes_ignore_header X-Spam-Level
bayes_ignore_header X-Spam-Status
bayes_ignore_header X-Spam...etc.
Not needed, these are already ignored by spamassassin itself.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising
these messages from being downloaded via pop3.
It would be much better just to move them to subfolder that could be
accessed by IMAP.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem
as a whole, not about including/excluding BAYES
scores into.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Honk if you love peace and quiet.
//nobody/spamassassin/auto-whitelist.lock:
Permission denied
the nobody user apparently does not have filesystem permissions to create
files in /var/vmail//nobody and /var/vmail//nobody/spamassassin
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive
. :-)
I've been thinking about it. The pdftohtml could provide interesting
infromations like colour informations that could lead to better spam
detection. Any experiences with this?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail
don't, you can surely call
clamav and spamassassin (not spamc) from your .procmailrc as well but I
still won't recommend that.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem
since it is not
working.
Why not use milter? It's much more effective and easier to set up.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu
and this can be tetchy to
set up initially.
That's a PRO: you can fine-tune and whitelist to get better results with
faster scanning.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem
On Mon, Jul 13, 2009 at 12:01:35PM +0200, Matus UHLAR - fantomas wrote:
On 10.07.09 19:09, Henrik K wrote:
When you block botnets directly from MTA (zen, helo checks, greylist etc),
possible ClamAV/SA load is already reduced by a huge factor. Personally I
only see handful
should prevent the rules from hitting, but many ISPs and ESPs don';t
push auth informations to Received: headers...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT
On Mon, 2009-07-13 at 17:19 +0200, Matus UHLAR - fantomas wrote:
On Fri, 3 Jul 2009, RW wrote:
I understand that Spamhaus doesn't recommend this, because dynamic IP
addresses can be reassigned from a spambot to another user, but I added
my own rule it does seem to work. In my mail
packages
installed and also will assure security upgrades unless you are using
unsupported OS/distro.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek
users have reported it as
spam, so I would ask how is it possible that such mail got listed.
Yes, see my comment above for PYZOR...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu
mailserver...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Linux IS user friendly, it's just selective who its friends are...
On 21.07.09 19:18, Luis Daniel Lucio Quiroz wrote:
Ok, here is my doubt. I know who are Pyzor and DCC, and I really
convinced that a statistic test is a must to detect spam. But my
doubt is next:
- It is good to have both tests or just one?
Matus UHLAR - fantomas wrote:
listing in DCC
prevent an FP if it did.
Agreed, although the score assignments of Pyzor and DCC may warrant a
review by some mail administrators - to be sure to be sure (that mail
does flow).
pyzor interface needs rewriting to work with whitelist count too, not just
report count ...
--
Matus UHLAR
, install razor, configure SA to load razor plugin ... that's all.
I think I'm headed towards razor first, as it doesn't require python
and appears to be simpler and more effective, even?
yes.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e
.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
42.7 percent of all statistics are made up on the spot.
mail.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
99 percent of lawyers give the rest a bad name.
Received: line acknowledges that it was received from an external
server and email address. Which line does it check the SPF record of, just
the spoofable From: or one of the others?
the SPF is checked on yout internal network boundary, but only if
spamassassin gets the file to scan.
--
Matus UHLAR
LuKreme wrote:
On Jul 23, 2009, at 22:45, snowweb pe...@snowweb.co.uk wrote:
Is the email with attachment over 250KB?
On 24.07.09 01:13, snowweb wrote:
No, it's just 74Kb
Matus UHLAR - fantomas wrote:
the email or the attachment? In config you posted e-mails over 100K
On 25.07.09 01:25, jida...@jidanni.org wrote:
Actually there should be one or two more whitelists, so one can e.g., score
-100 one's friends
-10 one's schools
-1 one's country
we still have def_whitelist_* with score of -15.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http
lists).
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
The early bird may get the worm, but the second mouse gets the cheese.
into that :)
by ISP we of course mean the company you receive mail through, not the
company you are connecting through, unless you are using address hosted in
the same company.
For example, if you use gmail.com address, you should use gmail's SMTP
servers.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http
your ISP as smarthost.
Nothing wrong with the way this list is setup apart from it uses qmail,
but we wont go into that :)
On Mon, 27 Jul 2009, Matus UHLAR - fantomas wrote:
by ISP we of course mean the company you receive mail through, not the
company you are connecting through, unless you
is loaded fine. No warnings at
all.
How do you use SA? e.g. spamass-milter doesn't push all headers to message,
only those it has compiled in (a bug imho)...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address
want. IF you
want, you can have everything on one page. The fact that nobody has built it
does not mean that mailing lists are bad or forums are good.
It only means that you or snowweb are incapable of getting how do things
work.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http
topic, that
would be a huge bonus.
2009/7/28 Matus UHLAR - fantomas uh...@fantomas.sk:
You can build forum-like access to mailing list archive if you want. IF
you want, you can have everything on one page. The fact that nobody has
built it does not mean that mailing lists are bad
own MUA authors for not supporting list-reply.
On 28.07.09 12:12, Res wrote:
Actually, if he is a connection customer of foobar.com, he should use
foobar.coms SMTP server as his smarthost, as they will allow their
On Tue, 28 Jul 2009, Matus UHLAR - fantomas wrote:
do you mean they will only
could support your customers connecting from anywhere, insteaad of anyone's
customers connecting through your network.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT
On Thu, 2009-07-30 at 16:46 +0200, Sebastian Wiesinger wrote:
* Matus UHLAR - fantomas uh...@fantomas.sk [2009-07-30 16:35]:
On 30.07.09 14:03, Sebastian Wiesinger wrote:
I was under the impression that whitelist_from_rcvd checks if the
reverse lookup is forged. But still
MISSING_SUBJECT Missing Subject: header
Is this easy to do someplace?
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6104
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu
1 - 100 of 2456 matches
Mail list logo