Hi,
on a fresh Debian 4.0 installation with Spamassassin 3.1.7 I get to
following message:
Oct 2 06:01:20 zoidberg spamd[17975]: spamd: connection from localhost
[127.0.0.1] at port 58519
Oct 2 06:01:21 zoidberg spamd[17975]: spamd: processing message
<[EMAIL PROTECTED]> for
[EMAIL PROTECTED]
Thank you all! That did the trick.
On Mon, 01 Oct 2007 21:40:35 -0700
Evan Platt <[EMAIL PROTECTED]> wrote:
> If you can get to it locally, but not remotely, it obviously isn't a
> spamassassin issue. You made no mention of your setup. Since you
> mentioned you can telnet localhost but not by
On Tue, 2 Oct 2007 at 00:34 -0400, [EMAIL PROTECTED] confabulated:
My mail client doesn't seem to be able to get to my spamassassin
server. When I "telnet 783" from the client, I get:
Trying ...
telnet: Unable to connect to remote host: Connection refused
I can telnet to localh
Ah. Could be that or / too. :)
Not a lot of information to go on ...
At 09:52 PM 10/1/2007, Daryl C. W. O'Shea wrote:
Evan Platt wrote:
If you can get to it locally, but not remotely, it obviously isn't
a spamassassin issue.
Actually, it sounds like he hasn't configured spamd to listen on an
Evan Platt wrote:
If you can get to it locally, but not remotely, it obviously isn't a
spamassassin issue.
Actually, it sounds like he hasn't configured spamd to listen on an
external interface. perldoc spamd..
-i [ipaddr], --listen-ip=ipaddr Listen on the IP ipaddr
Daryl
If you can get to it locally, but not remotely, it obviously isn't a
spamassassin issue. You made no mention of your setup. Since you
mentioned you can telnet localhost but not by the domain name, I'm
guessing you're behind a nat router? If that's the case, the problem
is when YOU behind the na
My mail client doesn't seem to be able to get to my spamassassin
server. When I "telnet 783" from the client, I get:
Trying ...
telnet: Unable to connect to remote host: Connection refused
I can telnet to localhost 783 from localhost but not if I telnet to the
domain name from loc
looks like the commercial version of DCC.
anyone else from this list spammed? where did they get their victim
list?
the want to help protect the internet from the next big spam outbreak.
Reputation services can play a significant role in blocking the next big
spam or malware outbreak, includi
On Mon, 1 Oct 2007, Daryl C. W. O'Shea wrote:
> John D. Hardin wrote:
> > On Thu, 27 Sep 2007, Sara wrote:
> >
> >> Just Go To The Link Given Below To See How You Can Get Everyone
> >> Begging You To Share Your Little Secret!
> >>
> >> http://cloakedlink.com/jcmyhpwnzp
> >
> > etc.
> >
> > Is
Loren Wilton wrote:
As far as I have understood it Botnet checks the first IP not being in
your "trusted networks".
botnet probably does such checks based on trusted_networks and
internal_networks settings: doesn't check IP in trusted_networks, but
continues on next IP when current one is in in
hanz wrote:
Thanks for the explanation and quick replies from everyone. I was definitely
wrong in my assumption on how botnet works.
I think I understand the issue now and my problem can easily be fixed by
skipping the IPs or my internal forwarders.
That is adding the following to botnet.cf fi
Thanks for the explanation and quick replies from everyone. I was definitely
wrong in my assumption on how botnet works.
I think I understand the issue now and my problem can easily be fixed by
skipping the IPs or my internal forwarders.
That is adding the following to botnet.cf fixed it.
botn
John D. Hardin wrote:
On Thu, 27 Sep 2007, Sara wrote:
Just Go To The Link Given Below To See How You Can Get Everyone
Begging You To Share Your Little Secret!
http://cloakedlink.com/jcmyhpwnzp
etc.
Is cloakedlink.com in the default redirectors list?
SA doesn't have a list of redirectors
Jerry Durand wrote:
On Mon, 2007-10-01 at 10:44 +0200, Matus UHLAR - fantomas wrote:
Does your provider puth AUTH information into message headers? If so,
those
servers are certainly broken. ZEN containt IPs like dynamic that are
not
suppoded to send mail directly, but through their SMTP server
Igor Chudov wrote:
[This message has also been posted to comp.mail.sendmail.]
My mailserver gets a lot of errors reported such as:
Oct 1 11:49:36 ak74 sendmail[31464]: l91Gnatt031464: nat.incompany.ru
[83.167.0.4] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Oct 1 11:49:37 ak74
Well that didn't totally work, I received a 550 from fantomas.sk. If anyone is
willing to check my headers off-list, contact me with a private e-mail.
I'd like to make sure I have the new system set up right before I add some more
domains to it.
Thanks.
On Mon, 2007-10-01 at 10:44 +0200, Mat
[This message has also been posted to comp.mail.sendmail.]
My mailserver gets a lot of errors reported such as:
Oct 1 11:49:36 ak74 sendmail[31464]: l91Gnatt031464: nat.incompany.ru
[83.167.0.4] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Oct 1 11:49:37 ak74 sendmail[31460]: l91G
On Mon, 2007-10-01 at 10:44 +0200, Matus UHLAR - fantomas wrote:
> Does your provider puth AUTH information into message headers? If so,
> those
> servers are certainly broken. ZEN containt IPs like dynamic that are
> not
> suppoded to send mail directly, but through their SMTP server. (they
> are
John D. Hardin schrieb:
On Mon, 1 Oct 2007, Obantec Support wrote:
DROPPRIVS=yes
:0fw
* < 512000
| /usr/bin/spamc
:0:
* ^X-Spam-Status: Yes
$HOME/mail/spam
SPAM='spam'
:0fw: $SPAM$LOGNAME.lock
this will scan only one message for one user at a time.
Matthias
On Mon, 1 Oct 2007, Obantec Support wrote:
> DROPPRIVS=yes
> :0fw
> * < 512000
> | /usr/bin/spamc
> :0:
> * ^X-Spam-Status: Yes
> $HOME/mail/spam
That looks okay. There's a more complex example at
http://www.impsec.org/~jhardin/antispam that you might want to look
at.
> do i need to use the lo
Jonas Eckerman wrote:
(The idea below is not mine, someone else (I'm sorry, but I forgot
who) wrote about it here (I think) before.)
Giampaolo Tomassoni wrote:
brand-new domains,
Something that could work for this without the problems inherent in
using whois or registry databases is to sim
ram schrieb:
> I got this spam mail that was actually in a DNSWL
>
> https://ecm.netcore.co.in/tmp/fn.txt
>
> How can I report this.
Reports go to: [EMAIL PROTECTED]
regards,
rolf
Dietmar Braun wrote:
Wednesday, September 26, 2007, 12:12:13 PM, you wrote:
m> then you should say what exactly you want to achieve. we could spend a month
at guess games.
I think I said all you have to know - the one missing was just the
"domain dependent" thing.
Additionally, this reject
Hi
3.2.3 SA on FC3
just need to ensure i have the master .procmailrc syntax correct for spamc
i am using
DROPPRIVS=yes
:0fw
* < 512000
| /usr/bin/spamc
:0:
* ^X-Spam-Status: Yes
$HOME/mail/spam
do i need to use the lock as per the procmail.example which uses
:0fw: spamassassin.lock
* < 512
I got this spam mail that was actually in a DNSWL
https://ecm.netcore.co.in/tmp/fn.txt
How can I report this.
Thanks
Ram
Hey, anyone willing to add another day to the year gets my vote!
Clay
>>> <[EMAIL PROTECTED]> 9/30/2007 12:45 PM >>>
they did not even learn the calendar at school
Wolfgang
>From a stock spam:
+++
5-day price: ~$0.50
Check it at 31.09.2007
Also rejecting non-existant recipients straight away helps a lot - I'm dropping
over 65% of my traffic this way..
--
Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300
> -Original Message-
> From: Adam Wilbraham [mailto:[EMAIL PROTECTED]
> Sent: 01 Octobe
The message the OP Kenneth Porter sent? No, it wasn't a phish.
At 10:01 AM 9/30/2007, Michelle Konzack wrote:
Right, but PayPal write the ful name in the "From:" header too.
So, the message from the OP is definitivly a phish.
On Sat, 29 Sep 2007 13:43:55 -0500
"John Schmerold" <[EMAIL PROTECTED]> wrote:
> Problem is SA, I don't have enough computer to do serious content
> checking. Anyone care to recommend a few rules that will tend to catch
> a big chunk of the spam without sucking too much brainpower from this
> VPS
As far as I have understood it Botnet checks the first IP not being in
your "trusted networks".
botnet probably does such checks based on trusted_networks and
internal_networks settings: doesn't check IP in trusted_networks, but
continues on next IP when current one is in internal_networks
(wher
I have a Public folder containing spam (dragged not forwarded).
I want to use sa-learn to teach them as being spam. So I used
Thunderbird to download the Public Folder via IMAP into MBOX format.
Looking at the MBOX file, A typical header is:
--_=_NextPart_001_01C774F8.2EE0E1BA--
From - Mo
Am 2007-09-28 10:32:47, schrieb Skip:
> I saw one of these nearly a month ago, but that was it. That it comes
> addressed to a personal name is a bit disturbing.
>
> - Skip
>
- END OF REPLIED MESSAGE -
Right, but PayPal write the ful name in the "
Hi,
there are any repository of localize rules? I recieved some spam in
italian...
Thanks
--
Paolo De Marco
> > Thanks for confirming how botnet works. This is exactly
> > the problem!
> >
> > Botnet.pm is only checking the LAST IP and not the FIRST
> > in the example email.
> >
> > The first IP in the list is a definite botnet source but
> > botnet.pm does not detect this as a botnet email.
On 29.0
> At 02:31 PM 9/28/2007, John Rudd wrote:
> >Consider this senario:
> >
> > a) user on dynamic IP sends email to their ISP's mail server
> > b) ISP's mail server submits message to your mail server
> >
> >In your suggested processing, this would generate a false positive:
> >the message would
35 matches
Mail list logo
