n't seen more than one or two of these spams on
my SA-protected mailboxes, and my email address is on *every*
"millions of addresses" CD out there.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications,
er. i
occasionally get some troller randomly chatting with me pretending to
be the "person I met last friday at the party" but they are easily
ignored.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communication
elf:
http://bugzilla.spamassassin.org/show_bug.cgi?id=2569
Thanks.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTECTED] Rockville, MD +1-240-453-8497
AIM: vivekkhera Y!: vivek_kh
ly the ones that affect the
module will be effective in amavisd-new.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTECTED] Rockville, MD +1-240-453
"cn-inflatables.com" ;-)
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTECTED] Rockville, MD +1-240-453-8497
AIM: vivekkhera Y!: vivek_khera
ollowups of other cases where it fails
miserably.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTECTED] Rockville, MD +1-240-453-8497
AIM: vivekkhera Y!: vivek_khera http://www.khera.org/~vivek/
---
ith the reverse to avoid
forgeries of DNS.
my bet is that you will find very few, if any, of those spam messages
originated at outlazed.com.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTEC
s, or even months later will drastically skew the
results when comparing the lists, since they are dynamic.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTECTED] Rockville, MD +1-240-453-8497
AIM: vivekkhera Y!:
ations in future I think...
Yep. Just stick with the underscores.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTECTED] Rockville, MD +1-240-453-
counting the imaginary characters off the beginning and end of the
string as matching a "\W". [ ... ]
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTECTED]
ster@ addresses would hope that more would skip
them. :-(
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTECTED] Rockville, MD +1-240-453-8497
AIM: vive
rded after
KG> scoring 127.509. I'm impressed and would like to see how he did that :)
Do you have your amavisd-new keep a spam quarantine directory? It
does that by default, so look for something like /var/virusmails and
see if it is there.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
ng of mailing list
mail. For me, this reduces scanning load by nearly 50%, since most of
my mail is list mail.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTECTED] Rockville,
> e. -T is good, and you shouldn't modify @INC. try setting PERL5LIB.
The -T switch will cause perl to ignore that environment variable...
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet:
For anyone interested, I've just posted some patches against SA 2.60
to add support for SortMonster's MessageSniffer product (another spam
detecting tool).
By combining these tools, all of those "4.9 point" FN's get whacked
pretty effectively.
I'm debating adding a rule to subtract 3.0 points if
.
What I do is use some strict SMTP-time checks on commonly forged
domains (aol.com, hotmail.com, etc.) and a handful of low-collateral
damage DNSBLs to reduce the amount of crap that gets in to the
filtering step.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khe
amavisd-new source code is your friend, as are the
lookup readme files.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTECTED] Rockville, MD +1-240-
a text file. Now run that thru spamassassin -t. Now,
remove one "Received" header at a time from the top and run it thru
again. Repeat until it flags your message with dynablock.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.
o take more than a DDoS to take out monkeys.com
BA> permanently.
He has posted a statement to spamtools to the contrary, that for at
least 6 months he will respond negatively to every query, and after 6
months he will give ample warning of when the zones may go away.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
he module and any listed dependencies. If you already have SA
installed, there are no new dependencies you need. So fetch, extract,
make and install manually is identical to CPAN.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera
> "MA" == Mrvka Andreas <[EMAIL PROTECTED]> writes:
MA> so i see that spamassassin is working, BUT where do i configure
MA> spamassassin?
MA> (company-wide)
You can do it in the site-wide spam assassin local.cf file, or since
amavisd runs as a particular user, do it in that user's personal
co
user razor anymore since it has been pretty ineffective for me.
Thus I don't have a suitable patch for taint-safeness for anything
newer.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PR
es.
Maybe because NA bought Deersoft?
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTECTED] Rockville, MD +1-240-453-8497
AIM: vivekkhera Y!: vivek_khera http://www.khera.org/~vivek/
-
retty obvious a lot of people assume things about the SA
licence but haven't actually read it or tried to understand it...
Same goes for a lot of Open Source projects, it seems.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Comm
}
} elsif ($rr->type eq "CNAME") {
if ($rr->cname eq 'list.terminator') {
pop @list if $pushed;
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Com
ee one off-hand, but there might be. You'll notice when you
submit messages to SpamCop, it often detects that the msg-id was
inserted by an intermediate mail relay. Perhaps that is a good test
since many mail servers do this for you as a favor (eg, Postfix).
--
=-=-=-=-=-=-=-=-=-=-=-
to other software (whether to refile, redirect, drop, or 'bounce').
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTECTED] Rockville, MD +1-
nice updates you install.
What you probably want to do is re-run cpan and ask it what modules
are out of date (the 'r' command) and update them with 'install'.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera C
ed to whitelist your _receiving_ code so that it does not
block your requested list/bulk mail based on the DCC check, since by
definition those messages should be in DCC. You should not bypass
_reporting_ any message you receive.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
d results.
Globals? Who uses globals? Everything should be encapsulated in an
object anyway, or can be made into lexically scoped "my" variables.
This solves the "problem" handily.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.
er a while of no activity.
Personally, I don't need it now since I run under amavisd-new, but
perhaps in another life I may...
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EM
leases can do this using amavisd-new
(or anything that speaks SMTP and can run SA for you).
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTECTED] Rockville, MD +1-240-453-849
prints this:
started 1058557662.08352
ended 1058557662.08387
elapsed 0.000345945358276367
The regexp engine in perl is quite smart, and if you give it hints, it
gets even better...
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.
s. we use the command line vexira product in conjunction with
amavisd-new to manage calling it and SA. If you bought the vexira
mail server version, you have to daisy chain it with amavisd-new,
which is a lot of duplicated effort.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
is now closed to non-member posts, as I
have just had to resubscribe myself with nomail in order to post (I
read from a local list exploder).
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EM
OK if the MX records exist. The standards define
that if they exist, they must be honored. If they don't exist, then
one must use the A record, as was the way before MX records were
invented.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.
ademark as an ISP and
MSS> software vendor.
Think "Coke" and "Pepsi" and see how far you get trademarking that in
a computer context... Not that SPAM is at that same level of brand
awareness...
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vive
own" to be a forger, even though it was considered "new" too.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTECTED] Rockville, MD +1
t
forges the return address.
Like I've always said, it is a lot easier to write crappy programs
than it is to write good programs...
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTECT
y-abusing software will even report 5xx errors back, as that would
waste time.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTECTED] Rockville, MD +1-24
, naturally, are tagged by SA quite effectively (about 30% of
what makes it past those blocks).
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTECTED] Rockville, MD +1-240-
> "BJ" == Ben Johansen <[EMAIL PROTECTED]> writes:
BJ> LOL!
BJ> Teaching implies that the student will learn and put the learning into
BJ> practice.
BJ> How can there be learnin' if their dead behind the shed? ;-)
You assume the student is the one behind the shed.
k advice from your mail server vendor/mailing
list on how to teach it to forward mail appropriately.
Personally, I use postfix+amavisd-new for this purpose, and postfix'
transport tables to do the routing to the final destination.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
s. He cannot retroactively change the
license terms of existing licencees.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTECTED] Rockville, MD +1-240-453-8497
AIM: vivekkhera Y!: vivek_khera http://www.khera.org/~vivek/
-
> "JF" == Jim Ford <[EMAIL PROTECTED]> writes:
JF> they spam me, procmail will report them to Razor. But the obvious
JF> thing for a spammer to do would be to delete any addresses in his
JF> DB that contain the string 'spam' - I would think that they would
You'd think it was obvious to them t
> "PM" == Patrick Morris <[EMAIL PROTECTED]> writes:
PM> Your mail server is listed by Osirusoft as an open relay. You may want
PM> to take it up with them.
ROTFL. Lots of luck. Osirusoft is probably one of the most poorly
managed lists. Total black hole when you try to contact them, and
> "JS" == Justin Shore <[EMAIL PROTECTED]> writes:
JS> What I don't know how to do is randomly pick a line from a file. Like I
JS> said I'm doing this from the CLI where it only takes a nominal amount of
JS> shell scripting to have a working product in the end. Any tips would be
/usr/games/
> "L" == Larry <[EMAIL PROTECTED]> writes:
L> The default formatting for Lotus iNotes messages is RichText (base64
L> encoding).
>> How does rich text imply base64 encoding? Apple Mail can do rich
>> text, but it is sent clear.
L> You will need to ask IBM/Lotus why they do not do it the way
> "SP" == Steve Prior <[EMAIL PROTECTED]> writes:
SP> I'd start to question what that employee is doing that is getting him
SP> on that many spammer lists - does this employee actually do stuff or just
SP> register his email address with pr0n sites all day...
I've had the same email address s
an do rich
text, but it is sent clear.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTECTED] Rockville, MD +1-240-453-8497
AIM: vivekkhera Y!: vivek_khera http://www.khera.org/~vivek/
---
Th
> "AL" == Alan Leghart <[EMAIL PROTECTED]> writes:
AL> to use different encoding (although, IIRC, it's not base-64 by
AL> default). I tested on one machine on our LAN, and from inside
AL> Excel 2000, select File and Send as email. Voici, base-64 encoded
AL> when it goes out. I'm glad I didn
ually
mean. Like you, I only use the automated technical-criteria BLs plus
the SBL list. Actually, currently I only use list.dsbl.org and
sbl.spamhaus.org since adding more lists only results in a bunch of
more DNS lookups for very little gain.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> "SL" == Shayne Lebrun <[EMAIL PROTECTED]> writes:
SL> nslookup relays.monkeys.com
SL> Server: black.MUSKOKA.COM
SL> Address: 216.123.107.2
SL> Name:relays.monkeys.com
SL> Relays.monkeys.com doesn't currently have an IP addy assigned to it, looks
SL> like.
Which has nothing to do wit
> "SR" == Sönke Ruempler <[EMAIL PROTECTED]> writes:
>> SA is not writing directly to your mail storage. It is handing it off
>> to procmail or back to your MTA for final delivery. It is the
SR> but if the MTA requires CRLF, it would be great to have an option for that
Or better yet, get y
> "SR" == Sönke Ruempler <[EMAIL PROTECTED]> writes:
>> It is only a *must* when MTA speaks with MTA. SA is not an MTA, so it
>> can use native line encoding to speak with the local MTA.
>>
>> POP3 is not an MTA either... the RFC you cite has nothing to day about
>> how the local mail system
> "TVD" == Theo Van Dinter <[EMAIL PROTECTED]> writes:
TVD> and a few other URLs that specify no difference/define the term:
TVD> http://www.smallbizmailer.com/features/opt_in.ttml
Wow... that's run by me (it is actually a copy of our main site,
www.mailermailer.com). I think that page is p
> "KAJ" == Kelly Annette Jameson <[EMAIL PROTECTED]> writes:
KAJ> Does anyone know how to setup Spam Assassin to automatically count all
KAJ> messages over a certain size as spam so they can be bounced back?
why not just make your server refuse messages over a certain size?
> "JM" == John Madden <[EMAIL PROTECTED]> writes:
>> else, do it. But don't fake the SMTP sender.
JM> Right - the SMTP sender wasn't faked. It was "blackboard
JM> (blackboard.ivy.tec.in.us...)" -- no mention of hotmail.com.
You're confusing the SMTP sender with the SMTP client.
-
e test is misnamed perhaps, but the test
itself is correct. If you want to set the From address to something
else, do it. But don't fake the SMTP sender.
Either that, or bypass the spam tests for locally originating mail and
let it all go out.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> "TLS" == Tony L Svanstrom <[EMAIL PROTECTED]> writes:
VK> Never underestimate the need for confirmation records...
TLS> Never understimate the stupidity of some people...
TLS> Never underestimate the usefulness of adding a "this was sent to
TLS> [EMAIL PROTECTED]" at the top of mailings;
t
was destined to the original person whose address he redirected.
Never underestimate the need for confirmation records...
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTECTED]
ach source, that's impossible.
This is precisely why the FSF requires copyright assignment for any
alterations to projects they 'own' such as emacs and gcc -- there is
one and only one copyright holder who can make all the necessary
decisions for upholding the license.
--
=-=-=-=-=-=-=-
> "SE" == Steve Evans <[EMAIL PROTECTED]> writes:
SE> I have a few users who want to know how to send mass mailings and not
SE> get in trouble for sending spam. Does anyone know of a website with
You can't. Period. You will *always* get complaints about your mail
no matter what you do. No
, how does it change their ability to use the open source
code?
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTECTED] Rockville, MD +1-240-453-8497
AIM: vivekk
perhaps sniffer
could be a scored test within SA...
How have other people's experiences been?
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTECTED] Rockville, MD
just end up with
TLS> yet another e-mail you have to check to see if it is a fp.
Personally, I think that any rule that triggers only in the spam
corpus, and never in the non-spam, it should have a minimum score of 1
or 2 (or even higher).
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
What would go a long way to help is per-recipient manual white lists
in amavisd-new, rather than the current site-wide single white list.
Ditto for black lists, but that's not as important.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.
ep of the way there, and
if you don't exec anything, it does nothing to help you.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTECTED] Rockville, MD +1-240-453-8
..
Razor2 seems to override timeouts set by SA (supposedly worked-around
in the next SA). Razor2 is not taint-mode safe (without the two Razor
patches posted on the amavisd-new site).
I find that amavisd-new is the best way to do spam/virus filtering at
a site-wide level.
--
=-=-=-=-=-=-=-=-
is a *VERY BAD IDEA*. You *will* end up reporting some mailing
list mail to razor when it triggers enough rules.
Did you ever wonder why things like the SourceForge monthly list
membership reminder are in Razor?
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera,
> "MK" == Matt Kettler <[EMAIL PROTECTED]> writes:
MK> Razor is notorious for having some quantity of invalid submissions.. Not
MK> too many, but some... (note: I'm excluding the null-mime-block issue from
MK> this, since that's now fixed). Usually bad submitters get bad CF ratings,
MK> but
CC'd most of the time.
When I hit "reply" to this last message, it wanted to send To you, and
Cc the list. Obviously, something gets lost by the time the message
got to me...
I'm using VM in XEmacs, which is a pretty decent program that tends to
DTRT.
--
=-=-=-=-=-=-
> "BA" == Bob Apthorpe <[EMAIL PROTECTED]> writes:
BA> mailing lists, so it's in your organization's best interest to move to
BA> 'confirmed opt-in' (or in greasy DMA-speak, 'double opt-in') as soon as
BA> reasonably achievable.
There's nothing greasy DMA-speak about "double opt-in". Describ
> "TVD" == Theo Van Dinter <[EMAIL PROTECTED]> writes:
TVD> Another thing to make that subset smaller is double opt-in (ie: verify the
TVD> initial opt-in). We're actually not doing that yet, although I hear it's
TVD> on the board for next year. (so someone could, sign up for an account
TVD>
me (possibly
significant) subset of the world will consider you to be a spammer no
matter what you do, unless you're 100% *confirmed* opt-in with all
records to prove it.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.
> "DF" == Duncan Findlay <[EMAIL PROTECTED]> writes:
DF> On Tue, Dec 10, 2002 at 10:12:26AM -0500, Mike Burger wrote:
>> While I agree with what they're doing, I disagree with how they're doing
>> it. For all intents and purposes, the "anti-spammers" in question are
>> still costing someone
ng the transport. There's
nothing fishy about it.
As to determining if it is really ebay, well, that's a really good
question. I guess if the last received header prior to your mail
server's header is ebay, it would be a good hint.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
e/amavisd/
I use it with postfix as a content filter.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTECTED] Rockville, MD +1-240-453-8497
AIM: viv
uot;
KWG> <[EMAIL PROTECTED]> is. It seems that is where Webshield is
I believe that would be an incorrect interpretation. The only time
you need double quotes on the name part of an address is when it
contains things like commas or other quotes.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> "MM" == Michael Moncur <[EMAIL PROTECTED]> writes:
MM> These folks are serious spammers. They even register each of the domain
MM> names to look legit. Look up findhsm-list-cluster-182-643.com or any of the
MM> others, they're all registered to Daily Promotions. (It's a shame a WHOIS
MM> loo
ter or worse
than SA does now.
I've not tried this out because I havn't the time, but I should within
a couple of months or so.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTEC
> "TK" == Tilman Kastner <[EMAIL PROTECTED]> writes:
TK> Obviously, the negative score did not apply to the
TK> sum. (It's a custom rule to avoid false positives).
Where did you learn arithmetic? ;-)
It adds up fine in my calculation. What score did you expect to get
from adding up all thos
Postfix ?
RH> amavisd-new does that.
No, it does not reject at the SMTP level. It accepts the message,
scans it, then generates bounces as necessary. The postfix content
filter just can't do the reject at SMTP connect time.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
m is BAD. Look it up on Google.
I don't think it is much worse than refusing to accept it in the first
place. Auto-dropping spam is, bad, though, since the real FP's won't
ever know what happened.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek
ring
tool, and does not run SA in a way that it knows who the local user
(if there is one) is.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTECTED] Rockville, MD +1-240-45
f use to the SA guys.
I think it is about as useful as reporting virii missed by several
months old antivirus software... SA has advanced significantly since
2.31, and spam has evolved since then too.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.
> "RV" == Ross Vandegrift <[EMAIL PROTECTED]> writes:
RV> On Tue, Nov 19, 2002 at 05:14:46PM +, Justin Mason wrote:
>> I notice the bayes-busting spam posted on spambayes used linuxy text.
>> That probably works quite well given the current bayes userset ;)
RV> Ah, that's friggin geni
> "DM" == David Masterson <[EMAIL PROTECTED]> writes:
DM> H. If it was truly "opt-in", why would they need to avoid
DM> filters? They could simply have their customers white-list them.
Not everyone has control over their filters. Think AOL. Think Yahoo!
They apparently do some sort o
> "DS" == Dave Slusher <[EMAIL PROTECTED]> writes:
DS> Software and Winamp announce newsletters. I've been revoking them as
DS> they come through, but it is becoming an increasing pain. I guess the
DS> question is if this is deliberate or someone erroneously set on
DS> automatic report?
I've
> "DS" == Dave Slusher <[EMAIL PROTECTED]> writes:
DS> Software and Winamp announce newsletters. I've been revoking them as
DS> they come through, but it is becoming an increasing pain. I guess the
DS> question is if this is deliberate or someone erroneously set on
DS> automatic report?
I've
amavisd/
Full instructions are provided within.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTECTED] Rockville, MD +1-240-453-8497
AIM: vivekkhera Y!: vivek_kher
> "DWM" == Darren W McClung writes:
DWM> I wish. In the last week, out of 4,816 messages, 2,744 (56%)
DWM> were spam, and I've blocked a good number of the problem
DWM> mailservers (*.colonize.com) at the firewall.
I have found that using a relays and proxy server block list at the
SMTP lev
> "JS" == Jan Schreckenbach <[EMAIL PROTECTED]> writes:
JS> Hi,
JS> why is this list not filtered on the list server? It's open to
JS> post for everyone. Should not every list like that be filtered?
How exactly do you propose discussing spam and spam techniques without
examples?
Lists that *
> "RG" == Roland Gaspar <[EMAIL PROTECTED]> writes:
RG> oooh.. that would open-up a whole can of email DDOS
RG> whup-ass... just imagine I don't like someone, so I send spam, as
RG> them, to hundreds of sites, imagine now that it's a perfect world
RG> and 100% of those use SA and have it confi
> "JM" == Justin Mason <[EMAIL PROTECTED]> writes:
JM> Ralf Hildebrandt said:
>> He's wrong on this:
>> Fourth, and I've saved the best for last: SA is a HOG. I refuse to
>> fire up perl for each message, and I refuse to full-body-grep each
>> message that comes in.
>> (spamc/spamd and also
it was the Dilbert
newsletter) that was listed in Razor2. Luckily, it did not go over my
threshhold ;-)
I'm gonna upgrade the inbound filtering box soon, as Razor2 seems to
be doing pretty well.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.
> "TVD" == Theo Van Dinter <[EMAIL PROTECTED]> writes:
TVD> Overall, I don't get very many of these -- do other people see more?
TVD> I get maybe 1 or 2 a month if that (out of ~1700 spams/month).
I get tons. At least 5 to 10 a week. But then, I've actually
received two of these via postal
> "IA" == Ives Aerts <[EMAIL PROTECTED]> writes:
IA> After upgrading to 2.42, I get a lot less (actually none so far) false
IA> positives but I do get more false negatives. To do something about
IA> that, I thought of adding pyzor, dcc or razor2 to my installation. Any
IA> suggestions as to wh
t of date modules, and update
them (except where they insist on installing a newer perl).
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [EMAIL PROTECTED] Rockville, MD +1-240-453-849
0ms to 300ms per message
to process thru SA.
The combo of amavisd-new and postfix is great in that you can limit
the resources you allocate to filtering.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.Khera Communications, Inc.
Internet: [
1 - 100 of 173 matches
Mail list logo
