From: "Chris Santerre" <[EMAIL PROTECTED]>
One of our users received a spam today from genutrust .com, URL in spam
CHICHIMECA .COM
This spam was VERY targeted. User's first and last name, complete address,
and her phone number. She informed me her phone number was listed with
initials of her an
On Mon, 24 Jul 2006 22:12:14 +0100, Ben Wylie
<[EMAIL PROTECTED]> wrote:
>I am running SpamAssassin 3.1.2 on Windows 2003 Server.
>
>Is there any way for me to change the DNS timeout period?
>
>Is there a way for me to increase debugging info on DNSBL tests?
>When for some reason, if all DNS tests
On Mon, 24 Jul 2006 19:25:23 +0100, Ben Wylie
<[EMAIL PROTECTED]> wrote:
>Am running SpamAssassin 3.1.2 on Windows 2003 Server.
>
>I have written a meta rule and i want it to only hit if it hits the
>first rule AND one of the three in brackets.
>
>This syntax doesn't seem to work as it hits when
I am running SpamAssassin 3.1.2 on Windows 2003 Server.
Is there any way for me to change the DNS timeout period?
Is there a way for me to increase debugging info on DNSBL tests?
When for some reason, if all DNS tests work, no positive results are
given, and only if it times out on some of them
This is just a warning that you can ignore. If it bothers you, the best solution would be to
upgrade to 3.1.3. Alternately, you could try this on your lib/Mail/SpamAssassin/HTML.pm:
182c182,189
< $hp->parse(pack ('C0A*', $text));
---
> {
> local $SIG{__WARN__} = sub {
> warn @_ u
On Mon, Jul 24, 2006 at 07:25:23PM +0100, Ben Wylie wrote:
> This syntax doesn't seem to work as it hits when it hits one of the last
> three but not the first one.
>
> meta DRUGS_RX (__RX + (__SPEN_DING || __PRESCRIPTION || __SAVE))
You want a boolean and (&&). The way you've done it the "+" l
Ben Wylie wrote:
> Am running SpamAssassin 3.1.2 on Windows 2003 Server.
>
> I have written a meta rule and i want it to only hit if it hits the
> first rule AND one of the three in brackets.
>
> This syntax doesn't seem to work as it hits when it hits one of the
> last three but not the first on
Hi,
it seems to me that one of the big problems of email is the fact that email
clients
more or less hide the email address in favor of the display name,
and that many users seem to lack the knowledge to check, let alone understand,
message headers
I guess most people should be able to notice the
On Mon, 24 Jul 2006, Ramprasad wrote:
> > Except = SPF breaks email forwarding. It requires that the world
> > change how email is forwarded and that's not going to happen. Thus if
> > a bank has a hard fail and someone with an account on my server gets
> > email from an account that is forwarded
Am running SpamAssassin 3.1.2 on Windows 2003 Server.
I have written a meta rule and i want it to only hit if it hits the
first rule AND one of the three in brackets.
This syntax doesn't seem to work as it hits when it hits one of the last
three but not the first one.
meta DRUGS_RX (__RX +
Domainkeys does less harm to forwarded messages than spf - a forwarder just has
to put
a Sender: header there, rother than implement srs
Wolfgang Hamann
>>
>> Michael Scheidell wrote:
>> >> -Original Message-
>> >> From: Graham Murray [mailto:[EMAIL PROTECTED]
>> >> Sent: Monday, July
Title: SPAM: Increase in targeted spams
From: Chris Santerre
[mailto:[EMAIL PROTECTED] Sent: Monday, July 24,
2006 10:19 AMTo: Spaml (E-mail); SaTalk (E-mail)Subject:
SPAM: Increase in targeted spams
One of our users received a spam today from
genutrust .com, URL in s
John D. Hardin wrote:
On Mon, 24 Jul 2006, Daryl C. W. O'Shea wrote:
I assume that means the redirector_pattern I suggested is not
necessary?
Right. Anything that would match (https?:\/\/.*) is already taken care
of by SA internally.
The problem is that SA doesn't then go on to do chec
Jeff Chan wrote:
On Monday, July 24, 2006, 1:34:35 AM, Daryl O'Shea wrote:
Being a simple visible redirector, SA actually does detect it:
[7375] dbg: uri: cleaned html uri,
http://1092229727:/https-www.paypal.com/webscrr/index.php
[7375] dbg: uri: html domain, google.com
The problem i
Marc Perkel wrote:
But I have no control over the servers that forward to me. Thus SPF is
useless.
so, again, bottom line:
SMTP is broken. has been, phishing, forgeries, email viruses prove it.
YOU fix it without breaking something.
It can't be done.
All you can do is compromise., and ps, SP
But I have no control over the servers that forward to me. Thus SPF is
useless.
Michael Scheidell wrote:
Ramprasad wrote:
I know this is a troll subject
Yes SPF breaks email forwarding, so does PTR checking ( which never was
a great idea IMHO ). Every technique has some drawbacks. SPF has som
Ramprasad wrote:
I know this is a troll subject
Yes SPF breaks email forwarding, so does PTR checking ( which never was
a great idea IMHO ). Every technique has some drawbacks. SPF has some
but is still better than the rest
When you want add security to an inherently insecure medium you cant say
> Except = SPF breaks email forwarding. It requires that the world
> change how email is forwarded and that's not going to happen. Thus if
> a bank has a hard fail and someone with an account on my server gets
> email from an account that is forwarded then my server sees the email
> as coming from
Michael Scheidell <[EMAIL PROTECTED]> writes:
> Also, and if you require all mail servers to only take mail from
> xxx.bank.com, what good is that? doesn't that break how everyone
> receives email?
No. It just rings very loud alarm bells when an email claiming to be
from the bank comes from a ser
I have found this in the archives, but I did not find a solution yet.
On a mailserver that I have upgraded to Debian Sarge, the following
warning appears when I am running sa-learn:
Parsing of undecoded UTF-8 will give garbage when decoding entities at
/usr/share/perl5/Mail/SpamAssassin/HTML.pm li
On Mon, 24 Jul 2006, Daryl C. W. O'Shea wrote:
> > > href="http://www.google.com/pagead/iclk?sa=l&ai=Br3ycNQz5Q-fXBJGSiQLU0eDSAueHkArnhtWZAu-FmQWgjlkQAxgFKAg4AEDKEUiFOVD-4r2f-P8BoAGyqor_A8gBAZUCCapCCqkCxU7NLQH0sz4&num=5&adurl=http://1092229727:/https-www.paypal.com/webscrr/index.php";>Cli
Title: SPAM: Increase in targeted spams
One of our users received a spam today from genutrust .com, URL in spam CHICHIMECA .COM
This spam was VERY targeted. User's first and last name, complete address, and her phone number. She informed me her phone number was listed with initials of her an
Chris Santerre wrote:
Aren't we dealing with a boolean data set? Its
either spam or ham. Which you train your software to look for doesn't
really matter.
Actually not. I look at email differently. I process 4 different grades
of spam and 3 grades of ham. As to my Black/White/yellow listi
Title: RE: New DNS Black list, White List, Yellow List
> -Original Message-
> From: Ramprasad [mailto:[EMAIL PROTECTED]]
> Sent: Monday, July 24, 2006 7:08 AM
> To: Marc Perkel
> Cc: John Andersen; spamassassin-users
> Subject: Re: New DNS Black list, White List, Yellow List
>
>
>
Marc Perkel wrote:
Except = SPF breaks email forwarding. It requires that the world change
how email is forwarded and that's not going to happen. Thus if a bank
has a hard fail and someone with an account on my server gets email
from an account that is forwarded then my server sees t
Michael Scheidell wrote:
-Original Message-
From: Graham Murray [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 24, 2006 7:44 AM
To: users@spamassassin.apache.org
Subject: Re: New DNS Black list, White List, Yellow List
Ramprasad <[EMAIL PROTECTED]> writes:
> -Original Message-
> From: Graham Murray [mailto:[EMAIL PROTECTED]
> Sent: Monday, July 24, 2006 7:44 AM
> To: users@spamassassin.apache.org
> Subject: Re: New DNS Black list, White List, Yellow List
>
>
> Ramprasad <[EMAIL PROTECTED]> writes:
>
> > A lot of banks/legitimate bulk em
On Monday, July 24, 2006, 1:34:35 AM, Daryl O'Shea wrote:
> Being a simple visible redirector, SA actually does detect it:
> [7375] dbg: uri: cleaned html uri,
> http://1092229727:/https-www.paypal.com/webscrr/index.php
> [7375] dbg: uri: html domain, google.com
> The problem is that SA doe
Ramprasad <[EMAIL PROTECTED]> writes:
> A lot of banks/legitimate bulk email senders change their relay
> server. Many reasons for that. The most common is that they use a third
> party to relay their mails and these would keep changing
Especially for banks and other high risk phishing targets,
>
> An ISP wpuld never be whitelisted anyhow. Whitelisting is for things
> like banks and other institutions and organizations that produce no
> spam. Yellowlisting is for ISPs so that they don't accidentally get
> blacklisted. SPF is useless because few are using it due to the fact
> that it jus
- Original Message -
From: "jdow" <[EMAIL PROTECTED]>
To:
Sent: Monday, July 24, 2006 1:28 AM
Subject: Re: bayes sitewide
> From: "Obantec Support" <[EMAIL PROTECTED]>
> > From: "Logan Shaw" <[EMAIL PROTECTED]>
> >> On Sun, 23 Jul 2006, Obantec Support wrote:
> >> > /etc/mail/spamassas
John D. Hardin wrote:
This wasn't detected as a redirector attack by 3.1.3, running
sa-update weekly:
{snippage}
http://www.google.com/pagead/iclk?sa=l&ai=Br3ycNQz5Q-fXBJGSiQLU0eDSAueHkArnhtWZAu-FmQWgjlkQAxgFKAg4AEDKEUiFOVD-4r2f-P8BoAGyqor_A8gBAZUCCapCCqkCxU7NLQH0sz4&num=5&adurl=http://10
On Monday 24 July 2006 00:54, Daryl C. W. O'Shea wrote:
> Have a read through bug 4950. This might be it. If so, please
> provide as much info and log info as you can. If not, please open a
> new bug.
>
> http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4590
Right, it looks like the same s
33 matches
Mail list logo
