On Fri, Nov 05, 2010 at 09:11:39AM -0500, Stan Hoeppner wrote:
> Henrik K put forth on 11/5/2010 2:49 AM:
>
> > Did you happen to notice the absolutely generic expressions in the SA file,
> > unlike your file which mostly lists specific domains?
>
> The bulk of them are specific to a given ISP.
Henrik K put forth on 11/5/2010 2:49 AM:
> Did you happen to notice the absolutely generic expressions in the SA file,
> unlike your file which mostly lists specific domains?
The bulk of them are specific to a given ISP. I saw a half dozen that
are generic.
> Not that I don't agree the whole SA
On Fri, Nov 05, 2010 at 02:01:19AM -0500, Stan Hoeppner wrote:
> Michael Orlitzky put forth on 11/5/2010 1:39 AM:
> > On 11/05/10 00:11, Stan Hoeppner wrote:
> >> Michael Orlitzky put forth on 11/4/2010 8:06 PM:
> >>> On 11/04/2010 12:39 AM, Stan Hoeppner wrote:
> Ned Slider put forth on 11/3/
On 11/05/10 03:01, Stan Hoeppner wrote:
>>
>> http://svn.apache.org/repos/asf/spamassassin/rules/branches/3.2/20_dynrdns.cf
>
> Did you happen to notice the absolutely tiny number of expressions in
> the SA file, as compared to the ~1600 in the file whose use I promote
> here? Maybe I should get
Michael Orlitzky put forth on 11/5/2010 1:39 AM:
> On 11/05/10 00:11, Stan Hoeppner wrote:
>> Michael Orlitzky put forth on 11/4/2010 8:06 PM:
>>> On 11/04/2010 12:39 AM, Stan Hoeppner wrote:
Ned Slider put forth on 11/3/2010 6:33 PM:
> My other thought was to simply comment (or docum
On 11/05/10 00:11, Stan Hoeppner wrote:
> Michael Orlitzky put forth on 11/4/2010 8:06 PM:
>> On 11/04/2010 12:39 AM, Stan Hoeppner wrote:
>>> Ned Slider put forth on 11/3/2010 6:33 PM:
>>>
My other thought was to simply comment (or document) ranges known to
contain FPs and then the user
Michael Orlitzky put forth on 11/4/2010 8:06 PM:
> On 11/04/2010 12:39 AM, Stan Hoeppner wrote:
>> Ned Slider put forth on 11/3/2010 6:33 PM:
>>
>>> My other thought was to simply comment (or document) ranges known to
>>> contain FPs and then the user can make a judgement call whether they
>>> want
On 11/04/2010 12:39 AM, Stan Hoeppner wrote:
> Ned Slider put forth on 11/3/2010 6:33 PM:
>
>> My other thought was to simply comment (or document) ranges known to
>> contain FPs and then the user can make a judgement call whether they
>> want to comment out that particular regex based on their ci
Ned Slider put forth on 11/3/2010 6:33 PM:
> My other thought was to simply comment (or document) ranges known to
> contain FPs and then the user can make a judgement call whether they
> want to comment out that particular regex based on their circumstances.
> Not a very elegant solution.
I'm sta
I was able to accomplish that as well using fail2ban and some custom
regex rules for it. It can be setup to use iptables or /etc/hosts.deny
http://www.fail2ban.org/
One of my favorite anti spam measures is auto add repeat RBL hits, no PTR
hits, etc. to system firewall.
Here are a few entire network permanent firewall blocks for example as well.
ARIN--Level3-Sendlabs-DynDNS.org___-CIDR[63.209.253.224/27]
ARIN--Level3-Sendlabs-DynDNS.org___-CIDR[63.211.192.12
Hi Jack,
- "Jack" wrote:
> Hello All,
>
>
>
> I'm just checking all my spam settings on my postfix servers and I
> wanted to
> know if anyone is using any newer RBL's than below?
>
> (which have a low false positive rate)
My opinion is of course biased since we run Mailspike IP reputat
> -Original Message-
> From: owner-postfix-us...@postfix.org [mailto:owner-postfix-
> us...@postfix.org] On Behalf Of Stan Hoeppner
> Sent: Wednesday, November 03, 2010 8:05 PM
> To: postfix-users@postfix.org
> Subject: Re: RBL Spam question
>
> Charles Marcus
On 03/11/10 21:54, Stan Hoeppner wrote:
Ned Slider put forth on 11/3/2010 3:11 PM:
Stan, and others who are using this file - have any of you looked at the
overlap with greylisting? I would imaging that the vast majority of
clients with dynamic/generic rDNS would be spambots and as such I would
Ned Slider put forth on 11/3/2010 3:11 PM:
> Stan, and others who are using this file - have any of you looked at the
> overlap with greylisting? I would imaging that the vast majority of
> clients with dynamic/generic rDNS would be spambots and as such I would
> expect greylisting to block the va
On 03/11/10 19:04, Stan Hoeppner wrote:
Charles Marcus put forth on 11/3/2010 8:49 AM:
On 2010-11-02 10:07 PM, Stan Hoeppner wrote:
...
check_client_access pcre:/etc/postfix/fqrdns.pcre
...
I keep meaning to say/ask - thanks for this - and do you update this
frequently
Charles Marcus put forth on 11/3/2010 8:49 AM:
> On 2010-11-02 10:07 PM, Stan Hoeppner wrote:
>> Last, but not least important by any means (understatement), you may
>> wish to try out:
>> http://www.hardwarefreak.com/fqrdns.pcre
>>
>> Implement this as:
>>
>> smtpd_recipient_restrictions
>> p
On 2010-11-02 10:07 PM, Stan Hoeppner wrote:
> Last, but not least important by any means (understatement), you may
> wish to try out:
> http://www.hardwarefreak.com/fqrdns.pcre
>
> Implement this as:
>
> smtpd_recipient_restrictions
> permit_mynetworks
> permit_sasl_authenticated
>
Jack put forth on 11/2/2010 3:56 PM:
> I'm just checking all my spam settings on my postfix servers and I wanted to
> know if anyone is using any newer RBL's than below?
>
> (which have a low false positive rate)
Low FP noted, FSVO "low FP".
>reject_rbl_client zen.spamhaus.org,
>reject_
Hello All,
I'm just checking all my spam settings on my postfix servers and I wanted to
know if anyone is using any newer RBL's than below?
(which have a low false positive rate)
reject_rbl_client zen.spamhaus.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client psbl.surriel
20 matches
Mail list logo
