On Mon, Mar 02, 2009 at 05:16:37AM +, RW wrote:
>
> As I understand it the difference between trusted and internal is that
> PBL/DUL checks are done at the internal/external boundary so
> they don't FP on mail submission into the trusted network.
Right.
> Firstly, doesn't that imply that re
On 01/03/09 7:55 PM, "Michael Scheidell" wrote:
> Last time I tried via your web site, I had a salesperson call me
> trying to convince me I should pay return path to 'bless' my marketing
> emails.
BTW: I trust your pointed out the error of his ways. If this ever happens
again, get the person
On 01/03/09 7:55 PM, "Michael Scheidell" wrote:
> Good first step, how, about an RFC complaint abuse@ address?
So you can complain about any errant returnpath.net emails? That has always
been in place. It would be inappropriate to complain about certified client
emails to our role accounts, ergo
As I understand it the difference between trusted and internal is that
PBL/DUL checks are done at the internal/external boundary so
they don't FP on mail submission into the trusted network.
Firstly, doesn't that imply that relaying services like Spamgourmet
could be treated as internal and not
On 01/03/09 7:58 PM, "Michael Scheidell" wrote:
> And why is this original email supposed to be a high priority? Must be a
> marketing person posting it.
Hah. Marketing. Yeah right. That's what it says in my sig. Oh, no wait ...
I believe the reason the email was highest priority is because I r
On 3/1/09, Jeff Chan wrote:
> For historical reasons, the SURBL public nameservers were serving
> individual lists ab, sc, ob and ws in addition to multi. However
> these individual lists have all been deprecated in favor of multi for
> several years since multi contains all lists. Traffic fo
Am 2009-03-01 13:51:18, schrieb John Lundin:
> Hi, Jake. How much ham do you receive with a British origin, a German
> domain and containing Russian URLs?
ROTFLOL
Thanks, Greetings and nice Day/Evening
Michelle Konzack
--
Linux-User #280138 with the Linux Counter, http://counter.li.org/
##
Am 2009-03-01 09:44:00, schrieb Jake Maul:
> http://pastebin.com/m58b01a0b
Score 7.6
> http://pastebin.com/me13959a
Score 7.8
You must do something wrong.
Thanks, Greetings and nice Day/Evening
Michelle Konzack
Systemadministrator
24V Electronic Engineer
Tamay Dogan Network
Am 2009-03-01 13:04:49, schrieb LuKreme:
> unless you are suggesting that they are MANUALLY logging into the
> webmail to then send 1 billion spams, yes it will.
Break them out, by allowing to send only 10 messages per hour from the
Webinterface... This is what I do here and it works quiet we
Am 2009-03-01 15:31:45, schrieb giga328:
>
> Nice idea. We were considering this for a long time because our mail server
> has built in support for email throttling. Luckily for me, configuring it
> will be done by my colleague as it is his part of the job. Tomorrow morning
> I will happily inform
On Sun, 2009-03-01 at 20:55 -0500, Michael Scheidell wrote:
> > We have created an entry on the Spamassassin wiki
> > http://wiki.apache.org/spamassassin/ReportingSpam
>
> Thanks.. Last time I tried via your web site, I had a salesperson call me
> trying to convince me I should pay return path to
> We have created an entry on the Spamassassin wiki
> http://wiki.apache.org/spamassassin/ReportingSpam
Sorry, but these people have no clue: RFC's? What the heck.
Received: from 38.109.196.48 ([38.109.196.48]) by rpnyex01.rpcorp.local
([192.168.1.16]) with Microsoft Exchange Server HTTP-DAV ;
> We have created an entry on the Spamassassin wiki
> http://wiki.apache.org/spamassassin/ReportingSpam
Thanks.. Last time I tried via your web site, I had a salesperson call me
trying to convince me I should pay return path to 'bless' my marketing
emails.
Good first step, how, about an RFC compl
Karsten Bräckelmann wrote on Mon, 02 Mar 2009 00:35:35 +0100:
> Please excuse my ignorance -- how fast is that? Also, there's quite a
> difference between identifying an "A" symbol and porn, isn't it?
Depends on how well the bodies form the alphabet ;-)
Kai
--
Kai Schätzl, Berlin, Germany
Get
On Sun, 2009-03-01 at 17:19 -0600, Luis Daniel Lucio Quiroz wrote:
> HI all,
>
> While studing a subject of hopfield for my master. Reading, I got that a
> Hopfield network is able to detect patterns even if inputs have noise. So
> for
> example many people could write A capital in many ways
Nice idea. We were considering this for a long time because our mail server
has built in support for email throttling. Luckily for me, configuring it
will be done by my colleague as it is his part of the job. Tomorrow morning
I will happily inform him that throttling is needed and suggested by som
Thank you Joseph,
I'm glad that it is social engineering and not some virus problem. I will
arrange that all users are informed that they will never be asked for their
passwords by email and we will see if in some time number of issues will
fall down.
Giga
Joseph Brennan wrote:
>
>
> If it's
HI all,
While studing a subject of hopfield for my master. Reading, I got that a
Hopfield network is able to detect patterns even if inputs have noise. So for
example many people could write A capital in many ways and hopfield network
will detect A symbol.
What do you think on using this to
Hi Greg,
I looked at Received headers and unfortunately, Received headers added by
our webmail are not standard ones. Except for the proxy.IP in the following
example, all IPs and all FQDNs are from our servers. Here is the (ugly)
example:
Received: from our.domain ([our.webmail.private.IP])
by
On Sat, Feb 28, 2009 at 4:49 PM, Seba Mueld wrote:
>
> I'm using spamassassin (3.2.5) with Postfix and DKIM-Filter 2.6.0.
>
> Spamassassin runs as content filter (spamd/spamc) like this:
> http://wiki.apache.org/spamassassin/IntegratedSpamdInPostfix
>
> In local.cf I've set the "report safe = 1".
On 1-Mar-2009, at 12:50, Joseph Brennan wrote:
If your users are consistently getting their passwords stolen,
then your
users are idiots and you will need to do something like add a
captcha to
the webmail login page.
If it's the Nigerian gangs that have been attacking university web
mai
If your users are consistently getting their passwords stolen, then your
users are idiots and you will need to do something like add a captcha to
the webmail login page.
If it's the Nigerian gangs that have been attacking university web mail
for about 12 months now, they are phishing your
On Sun, 2009-03-01 at 16:33 +, James Wilkinson wrote:
> An anonymous Nable user wrote:
> > I just upgraded my SA to 3.2.5 and now when I look in my /etc/init.d I do
> > not
> > see spamassassin listed anywhere in there.
>
> Which OS? How did you upgrade – cpan? yum? apt-get? From where did y
>>
>> Howdy,
>>
>> Lately I've been getting a lot of spam like this:
>>
>> http://pastebin.com/m58b01a0b
>> http://pastebin.com/me13959a
>>
>> The domain changes, but it's virtually always in the .de TLD
>> ("somedomain.de"). RelayCountries has this to say about that message
>> (I'm in the US,
On Sun, Mar 01, 2009 at 09:44:00AM -0700, Jake Maul wrote:
> The domain changes, but it's virtually always in the .de TLD
> [31067] dbg: metadata: X-Relay-Countries: GB
>
> They don't seem to trigger any remote tests at all DNSBLs, URIBLs,
> Pyzor, Razor, or Botnet. The only local tests trigge
On Sun, 2009-03-01 at 09:44 -0700, Jake Maul wrote:
> Howdy,
>
> Lately I've been getting a lot of spam like this:
>
> http://pastebin.com/m58b01a0b
> http://pastebin.com/me13959a
>
> The domain changes, but it's virtually always in the .de TLD
> ("somedomain.de"). RelayCountries has this to say
On Sun, 2009-03-01 at 07:25 -0800, Ricardo Kleemann wrote:
> Hi,
>
> I have some messages that are reporting AWL score but I'd like to
> remove that sender from the AWL. How can I do that?
See 'man spamassassin-run'. There's --remove-addr-from-whitelist=addr
for this, and some other options for
> Ricardo Kleemann wrote:
> > Are SBL/XBL tests automatically enabled or is there a plugin I need to
> > enable?
On 01.03.09 16:36, James Wilkinson wrote:
> SBL/XBL are tested as part of the SpamAssassin ZEN list for 3.2.x if you
> have network tests enabled.
and it is advised to stop using them
On 1-Mar-2009, at 06:47, giga328 wrote:
Spammers are stilling passwords from some of our users by using
viruses
(passwords are stolen, not guessed or brute force cracked).
Spammers have application which is able to authenticate to our webmail
interface and post email :)
If your users are con
Michelle Konzack schrieb:
> OK, but I have never untrusted <*.debian.org>
This is not about "untrusting". It's about telling SpamAssassin which
relays are trustworthy to begin with. Adding these hints greatly
improves the accuracy of SpamAssassin.
> Is there a way, to les spamassassin look re
> Matus UHLAR - fantomas wrote on Sun, 1 Mar 2009 01:47:29 +0100:
>
> > Unless there was another issue than McColo shutdown, it was since November
> > 11, 2008.
On 01.03.09 12:31, Kai Schaetzl wrote:
> That's another matter, it already increased early December to normal. This
> new selective dro
Howdy,
Lately I've been getting a lot of spam like this:
http://pastebin.com/m58b01a0b
http://pastebin.com/me13959a
The domain changes, but it's virtually always in the .de TLD
("somedomain.de"). RelayCountries has this to say about that message
(I'm in the US, btw):
[31067] dbg: metadata: X-Rel
Ricardo Kleemann wrote:
> Are SBL/XBL tests automatically enabled or is there a plugin I need to enable?
SBL/XBL are tested as part of the SpamAssassin ZEN list for 3.2.x if you
have network tests enabled.
Hope this helps,
James.
--
E-mail: james@ | “Sir, they’ve taken Mr. Rimmer!”
apr
Kban35 wrote:
> I just upgraded my SA to 3.2.5 and now when I look in my /etc/init.d I do not
> see spamassassin listed anywhere in there.
Which OS? How did you upgrade – cpan? yum? apt-get? From where did you
get 3.2.5?
Thanks,
James.
--
E-mail: james@ | “Drums must never stop. Very bad i
Are SBL/XBL tests automatically enabled or is there a plugin I need to enable?
Thanks
Ricardo
Hi,
I have some messages that are reporting AWL score but I'd like to remove that
sender from the AWL. How can I do that?
Thanks
Ricardo
I just upgraded my SA to 3.2.5 and now when I look in my /etc/init.d I do not
see spamassassin listed anywhere in there. How can I go about stopping and
starting SA?
--
View this message in context:
http://www.nabble.com/Spamassassin-Upgrade-tp22273876p22273876.html
Sent from the SpamAssassin -
Hello Benny,
Am 2009-03-01 15:12:16, schrieb Benny Pedersen:
> http://www.dnswl.org/ se the webpage first
Already checked, but
> can you make them into levels of NONE, LOW, MEDIUM, HI
>
> and then start with the LOW,MEDIUM,HI until all is listed where you
> get spam from is changed to NONE, you
On Sun, March 1, 2009 14:48, Michelle Konzack wrote:
> Am 2009-02-27 22:36:24, schrieb rafa:
>> Contacting dnswl.org can help all of us. They can downgrade those
>> servers from low to none.
> How should I do this?
http://www.dnswl.org/ se the webpage first
> In the meantime I have checked ALL s
giga328 writes:
> After posting email by webmail interface, message is routed to our outgoing
> SMTP server. It is scanned by spamd from SpamAssassin but it get low score.
> Low score is from tests ALL_TRUSTED and/or BAYES_xx and/or AWL.
> I'm not sure if we can remove webmail IP address from tr
Am 2009-02-28 09:20:02, schrieb Matthias Leisi:
> You should add the debian mailservers to your trust path
> (trusted_networks/internal_networks depending on circumstances) so that
> RBL checks are applied to the correct IP addresses.
OK, but I have never untrusted <*.debian.org>
Is there a way,
Hi!
We have some strong spam attacks done by combination of our webmail, viruses
and open proxies.
Situation is like this:
Our outgoing SMTP server is open only for users from our IP addresses and is
filtered for rest of the world. Our webmail interface is open to whole world
as our users need
On Sun, March 1, 2009 14:47, giga328 wrote:
> We have some strong spam attacks done by combination of our webmail,
> viruses and open proxies.
do you just trust email senders if thay are loged in to not spam
check it before leaving your network ?
(rest skipped]
--
http://localhost/ 100% uptime
Am 2009-02-28 02:22:32, schrieb Karsten Bräckelmann:
> Uhm, wait -- let me re-phrase my hasty suggestion to report to dnswl.org
> for removal.
OK, gotten...
> IP address 70.103.162.29 is listed at dnswl.org with the following
> details:
> Domain: debian.org; [...]
> Maybe you should tell Debian
Am 2009-02-27 22:36:24, schrieb rafa:
> Contacting dnswl.org can help all of us. They can downgrade those
> servers from low to none.
How should I do this?
In the meantime I have checked ALL spams manualy from a bash script and
it seems, there are more then 300 IP's listet on DNSWL.
Should I f
Hi all,
We have some strong spam attacks done by combination of our webmail, viruses
and open proxies.
Situation is like this:
Our outgoing SMTP server is open only for users from our IP addresses and is
filtered for rest of the world. Our webmail interface is open to whole world
as our users ne
Am 2009-02-28 00:48:44, schrieb Martin Gregorie:
> Have you tried editing
> score RCVD_IN_DNSWL_LOW 0
> into /etc/mail.spamassassin/local.cf ?
I have had it in
${HOME}/.spamassassin/local.cf
(as written in the manpage) and it was not working. Since yesterday it
is in
${HOME}/.spamassa
Matus UHLAR - fantomas wrote on Sun, 1 Mar 2009 01:47:29 +0100:
> Unless there was another issue than McColo shutdown, it was since November
> 11, 2008.
That's another matter, it already increased early December to normal. This
new selective drop started end of January from checking my graphs no
On Sun, March 1, 2009 07:11, Roger Marquis wrote:
> Based on your post we are retesting AWL starting with a low
> threshold (0.1).
please clearify more, AWL is not a whitelist, imho if AWL makes
problems adjust auto_whitelist_factor in AWL plugin
default is 0.5 try 0.1 or 0.9 and see results fro
49 matches
Mail list logo
