On 23 Apr 2019, at 17:16, BlackIce_ wrote:
I have had a significant backscatter issue in the past. lately I have
been seeing the same issue you all are. I have Spamassassin and a
postfix server setup and it works most of the time. Likely I need
additional filter lines.
I saw the KAM.cf menti
I have had a significant backscatter issue in the past. lately I have been
seeing the same issue you all are. I have Spamassassin and a postfix
server setup and it works most of the time. Likely I need additional
filter lines.
I saw the KAM.cf mentioned, but do not see a place to obtain it.
A
> "Phil" == Phil Stracchino writes:
Phil> On 4/23/19 2:40 PM, lists wrote:
>> I would investigate using rspamd rather than spamassassin. At the moment
>> I run neither since I have settled upon a nice mix of RBLs and check the
>> reverse pointer. That Perl code to get rid of dynamic domains r
All these filtering schemes are like the old Christmas tree lights where if one
bulb fails, the whole thing stops working. Well sort of. I believe the RBLs can
fail, say time out, and postfix keeps working. My point though is you need to
consider the possibility of the mail server going down due
On 4/23/19 2:40 PM, lists wrote:
> I would investigate using rspamd rather than spamassassin. At the moment
> I run neither since I have settled upon a nice mix of RBLs and check the
> reverse pointer. That Perl code to get rid of dynamic domains really
> helps nuke spammers.
>
> Spamassassin tend
I would investigate using rspamd rather than spamassassin. At the moment I run neither since I have settled upon a nice mix of RBLs and check the reverse pointer. That Perl code to get rid of dynamic domains really helps nuke spammers.Spamassassin tends to use a lot of memory. When I was using it
On 23 Apr 2019, at 11:46, John Peach wrote:
On 4/23/19 11:39 AM, Paul wrote:
Yes I agree with Kevin here, the best solution to this problem is an
spf record set to reject mail from any ip that’s not in your
allowed list of ips for your domain. Forging a from address is very
easy and is one of
On Tue, 23 Apr 2019, Ian Jones wrote:
I am getting emails like the one below, in which the header from is my own
address. The emails contain text in a jpg image and claims my account has
been hacked and demands $1000 paid to a bitcoin account. I would like to find
a way to reject emails from m
* John Peach:
> It is not meant to catch the envelope sender. That should be in your
> normal checks.
Which is why I mentioned check_sender_access as an addition, for the
OP's benefit.
-Ralph
On 4/23/2019 12:20 PM, Benny Pedersen wrote:
> // maintainer hat on
>
> why are this rules not added to spamasassin core :(
>
Because masscheck and rule qa takes too long for the purposes we need
the rules for.
> \\ maintainer hat off
>
> or atleast a real spamassassin channel repo
Time/money/en
It is not meant to catch the envelope sender. That should be in your
normal checks. This is specifically for the data From:, which is what
these are using.
this will reject maillist posttings of your own
unless the maillists takes over From: header and claims maillists breaks
spf and dkim /
Kevin A. McGrail skrev den 2019-04-23 17:26:
On 4/23/2019 10:02 AM, Ian Jones wrote:
I am getting emails like the one below, in which the header from is my
own address.
Ian, are you using Apache SpamAssassin or something in the mix? I've
published a lot of rules for these sexploitation scams
Thanks for all the suggestions:
- I have an SPF record, but postfix not rejecting these, presumably
because the enveloper sender is valid
- I am not using SpamAssassin, but I'm coming round to the idea!
- John: this idea seems simple and effective, I will give it a try.
Many thanks,
Ian
Le
On 4/23/19 11:54 AM, Ralph Seichter wrote:
* John Peach:
/^From:.*\@example\.com/ REJECT
This header check will not catch the envelope sender, so I suggest
adding "check_sender_access pcre:/path/to/sender_access" to the mix
(file content according to your needs, of course).
It is not meant
* John Peach:
> /^From:.*\@example\.com/ REJECT
This header check will not catch the envelope sender, so I suggest
adding "check_sender_access pcre:/path/to/sender_access" to the mix
(file content according to your needs, of course).
-Ralph
On 4/23/19 11:39 AM, Paul wrote:
Yes I agree with Kevin here, the best solution to this problem is an spf record
set to reject mail from any ip that’s not in your allowed list of ips for your
domain. Forging a from address is very easy and is one of the main purposes of
why spf was created.
Paul:
> Yes I agree with Kevin here, the best solution to this problem is
> an spf record set to reject mail from any ip that?s not in your
> allowed list of ips for your domain. Forging a from address is
> very easy and is one of the main purposes of why spf was created.
How does SPF block an add
Yes I agree with Kevin here, the best solution to this problem is an spf record
set to reject mail from any ip that’s not in your allowed list of ips for your
domain. Forging a from address is very easy and is one of the main purposes of
why spf was created.
Sent from my iPhone
> On Apr 23, 2
On 4/23/2019 10:02 AM, Ian Jones wrote:
> I am getting emails like the one below, in which the header from is my
> own address.
Ian, are you using Apache SpamAssassin or something in the mix? I've
published a lot of rules for these sexploitation scams in KAM.cf and
with an SPF record, you really
Ian Jones:
> Hello,
>
> I am getting emails like the one below, in which the header from is my
> own address. The emails contain text in a jpg image and claims my
> account has been hacked and demands $1000 paid to a bitcoin account. I
> would like to find a way to reject emails from my own add
On 23/04/2019 15:02, Ian Jones wrote:
Hello,
I am getting emails like the one below, in which the header from is my
own address. The emails contain text in a jpg image and claims my
account has been hacked and demands $1000 paid to a bitcoin account. I
would like to find a way to reject email
Hello,
I am getting emails like the one below, in which the header from is my
own address. The emails contain text in a jpg image and claims my
account has been hacked and demands $1000 paid to a bitcoin account. I
would like to find a way to reject emails from my own addresses except
from my
Zitat von Viktor Dukhovni :
On Apr 19, 2019, at 1:10 PM, Wietse Venema wrote:
Using a name instead of cert fingerprint also requires revocation checking.
Cert revocation is not needed, as long as there is an an explicit
mapping like:
certificate identity -> permit/etc action
certif
23 matches
Mail list logo
