ram wrote:
> On Mon, 2009-06-15 at 15:35 +1000, Con Tassios wrote:
>> On Mon, 15 Jun 2009, Chip M. wrote:
>>
>>> DOB ("Day Old Bread") had the same problem last year:
>>> http://mail-archives.apache.org/mod_mbox/spamassassin-users/200810.mbox/%3cva.33f1.14690...@news.conactive.com%3e
>>>
>>> Wi
On Mon, 2009-06-15 at 15:35 +1000, Con Tassios wrote:
> On Mon, 15 Jun 2009, Chip M. wrote:
>
> > DOB ("Day Old Bread") had the same problem last year:
> > http://mail-archives.apache.org/mod_mbox/spamassassin-users/200810.mbox/%3cva.33f1.14690...@news.conactive.com%3e
> >
> > With software b
On Mon, 15 Jun 2009, Chip M. wrote:
> DOB ("Day Old Bread") had the same problem last year:
> http://mail-archives.apache.org/mod_mbox/spamassassin-users/200810.mbox/%3cva.33f1.14690...@news.conactive.com%3e
>
> With software bugs, lightning often DOES strike twice in the same
> spot. :)
I'm
On Jun 14, 2009, at 18:59, "Chip M." wrote:
In all (5) of the hams I found, the IP was in IANA Reserved space
(specifically 192.168.0.0/16).
Most where in reserved space, but by no means all of them.
I checked 2.5 months worth of logs for my most diverse domain, and
found only 5 (out of 2139
Chris Owen wrote:
> On Jun 14, 2009, at 8:10 PM, Bill Landry wrote:
>
>>> Mailman has specific functionality to remove signature headers so
>>> that the message can be resigned as it's sent out.
>
>> If that happens then the message is no longer signed by the original
>> sender, but rather by the
David Gibbs wrote:
> Bill Landry wrote:
>> This may be true if the sender were adding the footer before signing and
>> sending the message to the list. However, not true if it's the mailing
>> list that is adding the footer after the original sender has already
>> signed the message.
>
> As I und
Bill Landry wrote:
> This may be true if the sender were adding the footer before signing and
> sending the message to the list. However, not true if it's the mailing
> list that is adding the footer after the original sender has already
> signed the message.
As I understand it, in order for the
Charles Gregory wrote:
>Do they all have message ID's that include the IP? You could score
>that 0.3 or so to help push it over the line. Also give a bit mroe
Shiny - I had not noticed this pattern. Thanks guys! :)
LuKreme wrote:
>and found it hit more mailinglist ham than spam, so I'd tread
>ca
David Gibbs wrote:
> mouss wrote:
>> - mail admin at example.com configures his mail system to sign all
>> outbound mail with DKIM
>> - he rejects any mail with a From: in his domain if it doesn't have a
>> valid DKIM signature
>> - j...@example.com posts to a list that appends a footer (or munges
mouss wrote:
> - mail admin at example.com configures his mail system to sign all
> outbound mail with DKIM
> - he rejects any mail with a From: in his domain if it doesn't have a
> valid DKIM signature
> - j...@example.com posts to a list that appends a footer (or munges the
> Reply-To header, ass
DOB ("Day Old Bread") had the same problem last year:
http://mail-archives.apache.org/mod_mbox/spamassassin-users/200810.mbox/%3cva.33f1.14690...@news.conactive.com%3e
With software bugs, lightning often DOES strike twice in the same
spot. :)
- "Chip"
On Mon, 15 Jun 2009, Res wrote:
On Sat, 13 Jun 2009, John Hardin wrote:
On Sun, 14 Jun 2009, Res wrote:
> It's the weekend and I was bored :)
This list does not exist to provide you amusement.
Last time I looked, Justin ran this list, not you.
That's true. Fair enough, comment withdra
On Sun, 14 Jun 2009 13:20:21 +0200
mouss wrote:
> I am not as convinced as you:
>
> - this modifies the body, thus breaking signatures. when mail gets
> back to the same domain (sender and final recipient in same domain),
> this may cause problems. I agree that many lists do break signatures
>
Res wrote:
> On Sat, 13 Jun 2009, Charles Gregory wrote:
>
>> On Sun, 14 Jun 2009, Res wrote:
>>> Though now its Sunday, I have socialising to do, and none of that
>>> includes sitting on mailing lists listening to cry babies who expect
>>> people involved in OSSP's to drop everything and be their
On Mon, 15 Jun 2009, Res wrote:
On Sat, 13 Jun 2009, Charles Gregory wrote:
On Sun, 14 Jun 2009, Res wrote:
> Though now its Sunday, I have socialising to do, and none of that
> includes sitting on mailing lists listening to cry babies who expect
> people involved in OSSP's to drop everyth
On Sun, 14 Jun 2009, Arvid Picciani wrote:
On Sun, 14 Jun 2009, Arvid Picciani wrote:
I recently got a lot of crashes, any idea how I could find out why?
What information *do* you have?
Umm. It "crashed" and spamc can't connect to it anymore.
So I guess the answer is "none".
...and ther
On Sun, 14 Jun 2009, Arvid Picciani wrote:
I recently got a lot of crashes, any idea how I could find out why?
My mail log doesn't contain anything suspicious.
In the absence of evidence/logs, ask yourself 'what changed'? Did you add
anything new to your system around the time this started hap
On Sat, 13 Jun 2009, Charles Gregory wrote:
On Sun, 14 Jun 2009, Res wrote:
Though now its Sunday, I have socialising to do, and none of that includes
sitting on mailing lists listening to cry babies who expect people involved
in OSSP's to drop everything and be their servants.
So we'll just
On Sat, 13 Jun 2009, John Hardin wrote:
On Sun, 14 Jun 2009, Res wrote:
It's the weekend and I was bored :)
This list does not exist to provide you amusement.
Last time I looked, Justin ran this list, not you.
--
Res
-Beware of programmers who carry screwdrivers
a...@ibcsolutions.de a écrit :
> Excerpts from Charles Gregory's message of Thu Jun 11 07:13:02 -0700 2009:
>> How many accounts are we talking about here?
>> If it is just one or two addresses, and the user(s) being 'spoofed' have
>> distinctive *names* on their genuine 'From' headers, then you ca
Yet Another Ninja a écrit :
> On 6/14/2009 10:48 PM, Justin Mason wrote:
>> http://log.perl.org/2009/06/email-issues-org-blocked-now-fixed.html
>>
>> anyone know what URIBL provider this was?
>>
>> --j.
>
> Wouldn't we all have noticed if this would have been the case?
not if they use some unknow
Hi!
http://log.perl.org/2009/06/email-issues-org-blocked-now-fixed.html
anyone know what URIBL provider this was?
Wouldn't we all have noticed if this would have been the case?
Doesnt ring a bell here either, best to ask the guys who posted that?
Bye,
Raymond.
On 6/14/2009 10:48 PM, Justin Mason wrote:
http://log.perl.org/2009/06/email-issues-org-blocked-now-fixed.html
anyone know what URIBL provider this was?
--j.
Wouldn't we all have noticed if this would have been the case?
On 14-Jun-2009, at 10:23, David Gibbs wrote:
mouss wrote:
- this modifies the body, thus breaking signatures. when mail gets
back
to the same domain (sender and final recipient in same domain),
this may
cause problems. I agree that many lists do break signatures so the
receiving site should
David Gibbs a écrit :
> mouss wrote:
>> - this modifies the body, thus breaking signatures. when mail gets back
>> to the same domain (sender and final recipient in same domain), this may
>> cause problems. I agree that many lists do break signatures so the
>> receiving site should cope with this,
On 13-Jun-2009, at 22:04, David Gibbs wrote:
LuKreme wrote:
The unsubscribe link is right there in plain sight. Whether Gmail
conceals it from you has nothing to do with it.
Few consumer mail clients (Gmail, Yahoo, Thunderbird, OE, Outlook,
Lotus/Domino, etc) show the user headers by default
On Sun, 14 Jun 2009, John Hardin wrote:
header MSGIDIP Message-Id =~ /\...@\[[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\]/
Refine that just a tiny bit:
header MSGIDIP Message-Id =~
/\...@\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\]/
LOL! Busted! I was being lazy!
- C
http://log.perl.org/2009/06/email-issues-org-blocked-now-fixed.html
anyone know what URIBL provider this was?
--j.
> On Sun, 14 Jun 2009, Arvid Picciani wrote:
>
> > I recently got a lot of crashes, any idea how I could find out why?
>
> What information *do* you have?
Umm. It "crashed" and spamc can't connect to it anymore.
So I guess the answer is "none".
> > My mail log doesn't contain anything suspici
On Sun, 14 Jun 2009, Arvid Picciani wrote:
I recently got a lot of crashes, any idea how I could find out why?
What information *do* you have?
My mail log doesn't contain anything suspicious.
Does running a sample message through spamassassin and spamc manually
yield any clues?
--
John
mouss wrote:
> - this modifies the body, thus breaking signatures. when mail gets back
> to the same domain (sender and final recipient in same domain), this may
> cause problems. I agree that many lists do break signatures so the
> receiving site should cope with this, but I am not sure they reall
Hi,
I recently got a lot of crashes, any idea how I could find out why?
My mail log doesn't contain anything suspicious.
thanks
--
Arvid
On Sun, 14 Jun 2009, Charles Gregory wrote:
On Sat, 13 Jun 2009, MySQL Student wrote:
Received: from [78.97.185.89] (unknown
[78.97.185.89])
Message-ID:
Do they all have message ID's that include the IP?
Yeah, great, it looks like they al
No, SA doesn't do that. The best way to do this is to write a plugin
where you can do whatever you want. :)
On Sun, Jun 14, 2009 at 3:18 PM, Charles Gregory wrote:
> Got a usage question. Is there a simple mechanism, similar to Perl's use
> of parantheses and $1 to 'capture' a value in one rule a
Got a usage question. Is there a simple mechanism, similar to Perl's use
of parantheses and $1 to 'capture' a value in one rule and USE that
captured value in the next rule?
For example:
To: Bob
Followed by one of
Subject: hello Bob
Subject: hello
So I would want to (using pure Perl as t
On Sat, 13 Jun 2009, MySQL Student wrote:
Received: from [78.97.185.89] (unknown
[78.97.185.89])
Message-ID:
Do they all have message ID's that include the IP?
Yeah, great, it looks like they all do. Would something like this work?
header MY
David Gibbs a écrit :
> LuKreme wrote:
>> The unsubscribe link is right there in plain sight. Whether Gmail
>> conceals it from you has nothing to do with it.
>
> Few consumer mail clients (Gmail, Yahoo, Thunderbird, OE, Outlook,
> Lotus/Domino, etc) show the user headers by default. This means
On Søn, Juni 14, 2009 03:10, MySQL Student wrote:
> Home | Contact Us | Privacy Policy | Terms of Use | Unsubscribe |
this is spammy line, with often faked domains (content looks like
micro$oft) but url is not there domain
> Where can I go from here?
sa-learn --spam < msg
and or make a rule f
38 matches
Mail list logo
