Re: Custom Rule Sets

2009-06-21 Thread LuKreme
On Jun 21, 2009, at 23:48, "rich...@buzzhost.co.uk" wrote: On Mon, 2009-06-22 at 00:26 -0400, Matt Kettler wrote: rich...@buzzhost.co.uk wrote: Good morning, Looking at the docs I see a 'don't add your customer rules here' warning in reference to the default /usr/share/spamassassin dir.

Re: A difficult one to weed out?

2009-06-21 Thread LuKreme
On Jun 21, 2009, at 11:07, John Hardin wrote: Another highly-regarded DNSBL that listed that IP is zen.spamhaus.org, which includes the cbl feed. A lot of people trust zen enough to use it at the MTA level as a hard reject list. Exactly. Using zen as a rejection at SMTP transaction saves o

Re: Custom Rule Sets

2009-06-21 Thread rich...@buzzhost.co.uk
On Mon, 2009-06-22 at 00:26 -0400, Matt Kettler wrote: > rich...@buzzhost.co.uk wrote: > > Good morning, > > > > Looking at the docs I see a 'don't add your customer rules here' warning > > in reference to the default /usr/share/spamassassin dir. Instead it > > lists a couple of options including l

Re: Custom Rule Sets

2009-06-21 Thread Matt Kettler
rich...@buzzhost.co.uk wrote: > Good morning, > > Looking at the docs I see a 'don't add your customer rules here' warning > in reference to the default /usr/share/spamassassin dir. Instead it > lists a couple of options including local.cf > > Is it possible to ask local.cf to include external file

Custom Rule Sets

2009-06-21 Thread rich...@buzzhost.co.uk
Good morning, Looking at the docs I see a 'don't add your customer rules here' warning in reference to the default /usr/share/spamassassin dir. Instead it lists a couple of options including local.cf Is it possible to ask local.cf to include external files/dir for custom rules at all? Thanks

Re: New www.medsXX.net spam

2009-06-21 Thread John Hardin
On Sun, 2009-06-21 at 23:21 +0200, mouss wrote: > John Hardin a écrit : > > >/\(\s?w{2,4}\smeds\d{1,4}\s(?:net|com|org)\s?\)/ > > you can replace "meds" by "(meds|shop)" to catch the "www shop95 net" > variants. body URI_OBFU_MEDSHOP /\(\s?w{2,4}\s(?:meds|shop)\d{1,4}\s(?:net|com|org)\s?\)/

Re: Dealing with backscatter

2009-06-21 Thread Karl Pearson
On Sun, June 21, 2009 2:47 pm, Bob Proulx wrote: > Jeremy Morton wrote: >> ...backscatter... >> 'Your message to Gatewayav-discuss awaits moderator approval' > > The GNU Mailman mailing list software is a big offender in that area. > The option to fix this is to set "respond_to_post_requests" to "

Re: New www.medsXX.net spam

2009-06-21 Thread mouss
John Hardin a écrit : > On Fri, 2009-06-19 at 09:24 -0700, John Hardin wrote: >> On Fri, 2009-06-19 at 16:21 +0200, Paweł Tęcza wrote: > body AE_MEDS35 /w{2,4}\s{0,4}meds\d{1,4}\s{0,4}(?:net|com|org)/ >>> I've just noticed "missing" 'i' switch for your rule regexp. Is it a bug >>> or a fe

Re: Dealing with backscatter

2009-06-21 Thread Bob Proulx
Jeremy Morton wrote: > ...backscatter... > 'Your message to Gatewayav-discuss awaits moderator approval' The GNU Mailman mailing list software is a big offender in that area. The option to fix this is to set "respond_to_post_requests" to "No" on the main options page. Otherwise it is a serious ba

Re: A difficult one to weed out?

2009-06-21 Thread John Hardin
On Sun, 21 Jun 2009, Jeremy Morton wrote: My SpamAssassin apparently isn't checking this blocklist; how do I get it to? Another highly-regarded DNSBL that listed that IP is zen.spamhaus.org, which includes the cbl feed. A lot of people trust zen enough to use it at the MTA level as a hard re

Re: A difficult one to weed out?

2009-06-21 Thread rich...@buzzhost.co.uk
On Sun, 2009-06-21 at 13:35 +0200, Benny Pedersen wrote: > On Sun, June 21, 2009 13:23, Jeremy Morton wrote: > > My SpamAssassin apparently isn't checking this blocklist; how do I get > > it to? > > cbl is part of zen.spamhaus.org, but some IPs are not in sync that fast, so > check cbl in mta level

Re: interesting phish for yahoo credentials or stupid spammer

2009-06-21 Thread mouss
Michael Scheidell a écrit : > spam, with a url link in it that opens up a yahoo.com web mail page and > asks for yahoo.com credentials. > > don't know how that can help spammer, unless spammer is looking to only > get email from yahoo.com users. > > see line 119 (highlighted) > > http://pastebin.

Re: A difficult one to weed out?

2009-06-21 Thread Benny Pedersen
On Sun, June 21, 2009 13:23, Jeremy Morton wrote: > My SpamAssassin apparently isn't checking this blocklist; how do I get > it to? cbl is part of zen.spamhaus.org, but some IPs are not in sync that fast, so check cbl in mta level, this can be done in exim too http://cbl.abuseat.org/faq.html --

Re: A difficult one to weed out?

2009-06-21 Thread Jeremy Morton
My SpamAssassin apparently isn't checking this blocklist; how do I get it to? Best regards, Jeremy Morton (Jez) Benny Pedersen wrote: On Sun, June 21, 2009 12:04, Jeremy Morton wrote: http://pastebin.com/m3b9629b6 http://cbl.abuseat.org/lookup.cgi?ip=190.244.172.161

Re: A difficult one to weed out?

2009-06-21 Thread Benny Pedersen
On Sun, June 21, 2009 12:04, Jeremy Morton wrote: > http://pastebin.com/m3b9629b6 http://cbl.abuseat.org/lookup.cgi?ip=190.244.172.161 -- xpoint

Re: A difficult one to weed out?

2009-06-21 Thread Cedric Knight
Jeremy Morton wrote: > OK, so I just got one of those www medsXX com spams, and even though it > hit my rule and got 2.0 added to it, it still didn't even get over 3 > points. Looks like it was sent from quite a legit host. What rules do > other people get matching for this e-mail? > > http://pa

Re: interesting phish for yahoo credentials or stupid spammer

2009-06-21 Thread Steve Freegard
Michael Scheidell wrote: > spam, with a url link in it that opens up a yahoo.com web mail page and > asks for yahoo.com credentials. > > don't know how that can help spammer, unless spammer is looking to only > get email from yahoo.com users. > > see line 119 (highlighted) > > http://pastebin.com

A difficult one to weed out?

2009-06-21 Thread Jeremy Morton
OK, so I just got one of those www medsXX com spams, and even though it hit my rule and got 2.0 added to it, it still didn't even get over 3 points. Looks like it was sent from quite a legit host. What rules do other people get matching for this e-mail? http://pastebin.com/m3b9629b6 Best re