Re: SA addr tests need to be updated

2005-03-09 Thread Eric A. Hall
On 3/9/2005 6:08 PM, Justin Mason wrote: > mouss writes: > >>Do you mean it's deliberate to catch this (as a helo ip mismatch): >> >> Received: from unknown (HELO 212.27.42.19) (218.190.234.6) >> >>but not this >> >> Received: from unknown (HELO [212.27.42.19]) (218.190.234.6) > yes.

Re: multiple hosts for spamc -d ?

2005-03-09 Thread email builder
> >>> Some postings a while back led me to believe that I could specify > >>> multiple hosts for the -d option of spamc. I understood that it > >>> would operate basically on a fallback basis (not load balancing). > >>> However, I can't seem to get spamc to use more than one of the -d > >>> listin

Re: SA addr tests need to be updated

2005-03-09 Thread Justin Mason
mouss writes: > Do you mean it's deliberate to catch this (as a helo ip mismatch): > > Received: from unknown (HELO 212.27.42.19) (218.190.234.6) > > but not this > > Received: from unknown (HELO [212.27.42.19]) (218.190.234.6) > > I c

Re: SA addr tests need to be updated

2005-03-09 Thread Eric A. Hall
On 3/9/2005 5:17 PM, List Mail User wrote: > Postfix option "reject_invalid_hostname" will reject bare > IPs (when used in the "smtpd_helo_restrictions" section of main.cf). Good to hear this was fixed. I filed a bug report on it in May '04 but didn't get much of a response. I'll have to u

Re: SA addr tests need to be updated

2005-03-09 Thread mouss
Justin Mason wrote: Eric A. Hall writes: SA 3.0.2 currently performs a handful of tests against HELO greetings that contain an IP address. These tests don't currently fire when an "address literal" is used in the HELO greeting, but they should. actually, that's deliberate -- compare the fre

Re: SA addr tests need to be updated

2005-03-09 Thread List Mail User
> > >On 3/9/2005 3:29 PM, List Mail User wrote: > >>> See section 3.6 of RFC 2821: >>> >>> | - The domain name given in the EHLO command MUST BE either a >>> primary |host name (a domain name that resolves to an A RR) or, >>> if the host |has no name, an address literal as described in >>

Re: multiple hosts for spamc -d ?

2005-03-09 Thread email builder
> > Some postings a while back led me to believe that I could specify > multiple > > hosts for the -d option of spamc. I understood that it would operate > > basically on a fallback basis (not load balancing). However, I can't > seem to > > get spamc to use more than one of the -d listings. I'

Re: Possible per-user "levels of grey" whitelist

2005-03-09 Thread Justin Mason
should still be OK for whitelisting purposes -- as the words in the mail will be correct. I wouldn't use it to learn a mail as spam, of course, but as ham it won't do any harm. --j. Linda W writes: > Do you mean have it learn on my "Sent folder"

Re: Possible per-user "levels of grey" whitelist

2005-03-09 Thread Linda W
Do you mean have it learn on my "Sent folder" list? Would it help that much though since the sender is always me and will be lacking all the Received markers that incoming mail normally has? Justin Mason wrote: Effectively, there's already a way to do

Re: SA addr tests need to be updated

2005-03-09 Thread Eric A. Hall
On 3/9/2005 3:29 PM, List Mail User wrote: >> See section 3.6 of RFC 2821: >> >> | - The domain name given in the EHLO command MUST BE either a >> primary |host name (a domain name that resolves to an A RR) or, >> if the host |has no name, an address literal as described in >> section 4

Re: SPF problems with this list

2005-03-09 Thread Matt Kettler
At 07:57 AM 3/9/2005, Steven Stern wrote: The record was "v=spf1 a mx ptr include:earthlink.net ~all" I smarthost my mail through smtpauth.earthlink.net. The mail path then bounces around inside earthlink for a while. The "spf why" page says: hermes.apache.org saw a message coming from the IP addr

Re: SA addr tests need to be updated

2005-03-09 Thread Eric A. Hall
On 3/9/2005 4:01 PM, Justin Mason wrote: >>SA 3.0.2 currently performs a handful of tests against HELO greetings that >>contain an IP address. These tests don't currently fire when an "address >>literal" is used in the HELO greeting, but they should. > > actually, that's deliberate -- compare th

Re: SA addr tests need to be updated

2005-03-09 Thread Justin Mason
Eric A. Hall writes: > SA 3.0.2 currently performs a handful of tests against HELO greetings that > contain an IP address. These tests don't currently fire when an "address > literal" is used in the HELO greeting, but they should. actually, that's de

Re: SA addr tests need to be updated

2005-03-09 Thread List Mail User
Eric, I believe that you have misinterpreted (and only partially quoted) RFC2821. A more correct interpretation (or at least different) and a fuller set of quotations is below. > >SA 3.0.2 currently performs a handful of tests against HELO greetings that >contain an IP address. T

Re: running spamd remotely

2005-03-09 Thread dave
On Wed, 9 Mar 2005, Dave Goodrich wrote: [EMAIL PROTECTED] wrote: What is involved in setting up spamassassin to run on a remote machine? After installing it on hostA (mailserver) and hostB, I get onto hostA and tweak my procmailrc to have :0fw: $HOME/spamassassin.lock | $SPAMHOME/bin/spamc -d host

Re: running spamd remotely

2005-03-09 Thread Matt Kettler
At 01:31 PM 3/9/2005, [EMAIL PROTECTED] wrote: $SPAMHOME/bin/spamd -d --syslog-socket=inet -r /var/tmp/spamdnew.pid \ --allowed-ips= But I don't even see anything in syslog on hostB. erm, that's not going to cause it to syslog to hostB... that's going to cause spamd to allow hostB to run spamc

Re: URIBL_SBL Weirdness

2005-03-09 Thread Matt Kettler
At 10:50 AM 3/9/2005, [EMAIL PROTECTED] wrote: Can anyone explain to me what the URIBL_SBL rule does (i.e. which list is used) I have an email that this rule catches because of an email address inside it. The SpamAssassin report lists it as : 0.6 URIBL_SBL Contains an URL listed in the SBL blockli

Re: SPF problems with this list

2005-03-09 Thread jdow
I believe you have to rely on Earthlink's "smtpauth" for its SPF. That's what I do. {^_^} - Original Message - From: "Steven Stern" <[EMAIL PROTECTED]> > My SPF record was working, but is now failing for this list. So, it > seems that SPF checking has ratcheted up a notch. I've deleted

Re: running spamd remotely

2005-03-09 Thread Dave Goodrich
[EMAIL PROTECTED] wrote: What is involved in setting up spamassassin to run on a remote machine? After installing it on hostA (mailserver) and hostB, I get onto hostA and tweak my procmailrc to have :0fw: $HOME/spamassassin.lock | $SPAMHOME/bin/spamc -d hostB.FQDN ... (if spam, then filter) What do

SA addr tests need to be updated

2005-03-09 Thread Eric A. Hall
SA 3.0.2 currently performs a handful of tests against HELO greetings that contain an IP address. These tests don't currently fire when an "address literal" is used in the HELO greeting, but they should. See section 3.6 of RFC 2821: | - The domain name given in the EHLO command MUST BE either a

Re: running spamd remotely

2005-03-09 Thread Daryl C. W. O'Shea
[EMAIL PROTECTED] wrote: What is involved in setting up spamassassin to run on a remote machine? After installing it on hostA (mailserver) and hostB, I get onto hostA and tweak my procmailrc to have :0fw: $HOME/spamassassin.lock | $SPAMHOME/bin/spamc -d hostB.FQDN ... (if spam, then filter) And on

running spamd remotely

2005-03-09 Thread dave
What is involved in setting up spamassassin to run on a remote machine? After installing it on hostA (mailserver) and hostB, I get onto hostA and tweak my procmailrc to have :0fw: $HOME/spamassassin.lock | $SPAMHOME/bin/spamc -d hostB.FQDN ... (if spam, then filter) And on hostB, I start it up with

Re: Whitelist collection project

2005-03-09 Thread Daryl C. W. O'Shea
Kelson wrote: Chris Santerre wrote: Second, I believe SPF records can be spoofed Only to the extent that any DNS record can be spoofed. use in a disposable manner. In the sense that you can create any SPF entry you want... for your own domain. I could set one up with "+all" indicating that mail

Re: Whitelist collection project

2005-03-09 Thread Kelson
Chris Santerre wrote: Second, I believe SPF records can be spoofed Only to the extent that any DNS record can be spoofed. use in a disposable manner. In the sense that you can create any SPF entry you want... for your own domain. I could set one up with "+all" indicating that mail sent via any s

Re: SPF problems with this list

2005-03-09 Thread Kelson
Steven Stern wrote: "v=spf1 a mx ptr include:earthlink.net ~all" I smarthost my mail through smtpauth.earthlink.net. The mail path then bounces around inside earthlink for a while. The "spf why" page says: hermes.apache.org saw a message coming from the IP address 209.86.89.61 which is smtpauth01.

Re: Whitelist collection project

2005-03-09 Thread Daryl C. W. O'Shea
Chris Santerre wrote: -Original Message- From: Daryl C. W. O'Shea [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 09, 2005 11:04 AM To: Chris Santerre Cc: 'Robert Menschel'; users@spamassassin.apache.org Subject: Re: Whitelist collection project How do you propose that whitelist_from_rcvd

RE: Whitelist collection project

2005-03-09 Thread Chris Santerre
>-Original Message- >From: Daryl C. W. O'Shea [mailto:[EMAIL PROTECTED] >Sent: Wednesday, March 09, 2005 11:04 AM >To: Chris Santerre >Cc: 'Robert Menschel'; users@spamassassin.apache.org >Subject: Re: Whitelist collection project > > >Chris Santerre wrote: >> This might just be the first

RE: Windows with ESA - statistics?

2005-03-09 Thread Bowie Bailey
From: Tim P [mailto:[EMAIL PROTECTED] > > I am using spamassassin on windows with the ESA message sync ( > http://www.christopherlewis.com/ExchangeSpamAssassin.htm ) and > would like to have some statistics so that I can better tune the > spam assassin (particularly with the minimum spam setting an

RE: URIBL_SBL Weirdness

2005-03-09 Thread Chris Santerre
> >> The SpamAssassin report lists it as : >> 0.6 URIBL_SBL Contains an URL listed in the SBL blocklist >> [URIs: gov.ru] > >> But no matter what I try, I can't find the blacklist that is used. > >What this means is that the nameserver for gov.ru is listed >in SBL. > > http://www

Re: URIBL_SBL Weirdness

2005-03-09 Thread Jeff Chan
On Wednesday, March 9, 2005, 7:50:13 AM, Rikhardur EGILSSON wrote: > Can anyone explain to me what the URIBL_SBL rule does (i.e. which list is > used) RTFM? uridnsbl checks a URI domain's nameserver against sbl.spamhaus.org. > I have an email that this rule catches because of an email address ins

Re: Whitelist collection project

2005-03-09 Thread Theo Van Dinter
On Wed, Mar 09, 2005 at 08:08:36AM -0800, Jeff Chan wrote: > That should be safe, and we could probably still use them to > limited effect in SURBLs to keep those domains off SURBLs. It could also be used to generate default uridnsbl_skip_domain entries as well. ;) Including the domains in spams

Re: Whitelist collection project

2005-03-09 Thread Jeff Chan
On Wednesday, March 9, 2005, 8:03:49 AM, Daryl O'Shea wrote: > Chris Santerre wrote: >> This might just be the first time I disagree with you Bob ;) >> >> I don't see how this ruleset will not get abused. If I was a spammer I would >> make sure all my spam hit these rules to let me in. >> >> As

Windows with ESA - statistics?

2005-03-09 Thread Tim P
I am using spamassassin on windows with the ESA message sync ( http://www.christopherlewis.com/ExchangeSpamAssassin.htm ) and would like to have some statistics so that I can better tune the spam assassin (particularly with the minimum spam setting and the purge on discovery setting). As perl is al

Re: Whitelist collection project

2005-03-09 Thread Daryl C. W. O'Shea
Chris Santerre wrote: This might just be the first time I disagree with you Bob ;) I don't see how this ruleset will not get abused. If I was a spammer I would make sure all my spam hit these rules to let me in. As a research tool it is great! Already the SURBL whitelist is one of the best arou

Re: Whitelist collection project

2005-03-09 Thread Jeff Chan
On Wednesday, March 9, 2005, 7:30:20 AM, Chris Santerre wrote: > I don't see how this ruleset will not get abused. If I was a spammer I would > make sure all my spam hit these rules to let me in. > As a research tool it is great! Already the SURBL whitelist is one of the > best around thanks to J

URIBL_SBL Weirdness

2005-03-09 Thread Rikhardur.EGILSSON
Can anyone explain to me what the URIBL_SBL rule does (i.e. which list is used) I have an email that this rule catches because of an email address inside it. The SpamAssassin report lists it as : 0.6 URIBL_SBL Contains an URL listed in the SBL blocklist [URIs: gov.ru] But no m

Re: a problem with linux 2.6.11 and sa

2005-03-09 Thread George Georgalis
On Wed, Mar 09, 2005 at 01:06:11PM +, Nix wrote: >> An interesting technique that allows a program (such as a log writer) >> to run as an unprivileged user, while receiving privileged data. (taken >> almost verbatim from Gerrit Pape's socklog) >> >> #!/bin/sh >> exec > exec 2>&1 >> exec softl

RE: Whitelist collection project

2005-03-09 Thread Chris Santerre
>-Original Message- >From: Robert Menschel [mailto:[EMAIL PROTECTED] >Sent: Tuesday, March 08, 2005 11:13 PM >To: users@spamassassin.apache.org >Subject: Whitelist collection project > > >OK, based on what little discussion there's been so far, here's a >draft proposal for people to think

Re: a problem with linux 2.6.11 and sa

2005-03-09 Thread Nix
On Tue, 8 Mar 2005, George Georgalis announced authoritatively: > Here's what I'm doing that is broken. I use tcpserver (functionally > similar to inetd) to receive an incoming smtp connection. While the > smtp session is still open, the message is piped to a temp file which > is then scanned for s

SPF problems with this list

2005-03-09 Thread Steven Stern
My SPF record was working, but is now failing for this list. So, it seems that SPF checking has ratcheted up a notch. I've deleted my SPF txt record in order to send this. Anyhow... The record was "v=spf1 a mx ptr include:earthlink.net ~all" I smarthost my mail through smtpauth.earthlink.net. The

US_ASCII & 8BIT rule in airmax.cf

2005-03-09 Thread Philipp Snizek
Hi In the mailheader below there is (unless I'm blind) nowhere a trace of US-ASCII & 8Bit encoding. Nevertheless the airmax.cf ruleset has a hit for 2 points. Could somebody please enlighten me why the airmax.cf rule below still applies? Thank you Philipp 2.0 US_8BIT US-ASCII isn't an eight bit

Re: One single mailbox for all spam

2005-03-09 Thread Stephane Parenton
Kris Deugau wrote: Stephane Parenton wrote: A mail server, serving several domains : domain_a.com, domain_b.com, domain_c.com etc... for the moment, domain_a and domain_b are filtered, but if everything runs ok, all the domains should be filtered When a mail arrives, it's controlled, scored,

Re: None of the Stock rules hitting

2005-03-09 Thread Martin Hepworth
John only a few in few hours (china daily ones) or so, but not yukon ones...here's my hit list for one I did catch.. (note I've bumped my BAYES_99 score to the pre SA3.0 score!) 5.40 BAYES_99 Bayesian spam probability is 99 to 100% 2.29 BIZ_TLD Contains an URL in the BIZ top-level do

Re: Whitelist collection project

2005-03-09 Thread Jeff Chan
On Tuesday, March 8, 2005, 8:13:05 PM, Robert Menschel wrote: > OK, based on what little discussion there's been so far, here's a > draft proposal for people to think about. > Summary: A group of volunteers will maintain a collected/distributed > whitelist, using SpamAssassin's whitelist_from_rcvd

Re: Rule_Du_Jour.sh

2005-03-09 Thread Loren Wilton
> FI> Lint output: debug: SpamAssassin version 3.0.2 > FI> ... > FI> config: SpamAssassin failed to parse line, skipping: rewrite_subject 1 > FI> config: SpamAssassin failed to parse line, skipping: subject_tag *SPAM* > FI> [...etc...] > > You have --lint errors here that are probably in yo

Re: Whitelist collection project

2005-03-09 Thread Daryl C. W. O'Shea
Robert Menschel wrote: OK, based on what little discussion there's been so far, here's a draft proposal for people to think about. Summary: A group of volunteers will maintain a collected/distributed whitelist, using SpamAssassin's whitelist_from_rcvd capabilities, similar to (but in the opposite

Whitelist collection project

2005-03-09 Thread Robert Menschel
OK, based on what little discussion there's been so far, here's a draft proposal for people to think about. Summary: A group of volunteers will maintain a collected/distributed whitelist, using SpamAssassin's whitelist_from_rcvd capabilities, similar to (but in the opposite direction as) William S

Re: multiple hosts for spamc -d ?

2005-03-09 Thread Dave Goodrich
email builder wrote: All, Some postings a while back led me to believe that I could specify multiple hosts for the -d option of spamc. I understood that it would operate basically on a fallback basis (not load balancing). However, I can't seem to get spamc to use more than one of the -d listing

multiple hosts for spamc -d ?

2005-03-09 Thread email builder
All, Some postings a while back led me to believe that I could specify multiple hosts for the -d option of spamc. I understood that it would operate basically on a fallback basis (not load balancing). However, I can't seem to get spamc to use more than one of the -d listings. I've tried: /us

Re: sql-based global use_auto_whitelist error?

2005-03-09 Thread Matt Kettler
At 07:23 PM 3/8/2005, email builder wrote: I have a global setting in my SQL-based userprefs for use_auto_whitelist. I am noticing that spamd -D shows these messages about it, which confuse me: debug: retrieving prefs for [EMAIL PROTECTED] from SQL server debug: config: not parsing, administrator

sql-based global use_auto_whitelist error?

2005-03-09 Thread email builder
Hi, I have a global setting in my SQL-based userprefs for use_auto_whitelist. I am noticing that spamd -D shows these messages about it, which confuse me: debug: retrieving prefs for [EMAIL PROTECTED] from SQL server debug: config: not parsing, administrator setting: use_auto_whitelist 1 deb