MySQL Student wrote:
> Hi,
>
> I'm looking an email that appears to be one of the users from the
> whitelist, but instead was from:
>
>From probesqt...@segunitb1.freeserve.co.uk Mon Jul 27 19:49:19 2009
>
> Why can't a comparison be made between the "From:" info and the actual
> sender? Is thi
On Mon, 27 Jul 2009, Matus UHLAR - fantomas wrote:
On Sat, 25 Jul 2009, Michael W. Cocke wrote:
There doesn't seem to be a web interface to subscribe/unscribe from
this list. The email address
"users-unsubscr...@spamassassin.apache.org" complains that my IP
address is dynamic (which is why I
On Mon, 2009-07-27 at 14:51 +0100, rich...@buzzhost.co.uk wrote:
> http://pastebin.com/m2cbc0965
>
> This is scoring way low. Coming in from Hotmail (I would love to
> blacklist these but some people just insist on using it).
>
> 10 in the last hour. Lart'd Hotmail abuse, but the content does not
Hi,
I'm looking an email that appears to be one of the users from the
whitelist, but instead was from:
From probesqt...@segunitb1.freeserve.co.uk Mon Jul 27 19:49:19 2009
Why can't a comparison be made between the "From:" info and the actual
sender? Is this because of virtual domains and/or
On Mon, 27 Jul 2009, Daniel J McDonald wrote:
On Mon, 2009-07-27 at 17:31 +0300, Jari Fredriksson wrote:
On Mon, 2009-07-27 at 14:51 +0100, rich...@buzzhost.co.uk wrote:
I also used these local rules (some shamelessly copied off this
forum):
body__TRMB_YOUR_NAME
/(^|\W)(your(\s+|\s+
On Mon, 27 Jul 2009, Mike Wallace wrote:
John, the current version doesn't trap that type of URI and that's why I
am using the older version and mentioned it.
That's odd, because I added that sample line to my testbed and it did hit:
[31850] dbg: rules: ran body rule URI_OBFU_WWW ==> got
John, the current version doesn't trap that type of URI and that's why I am
using the older version and mentioned it.
I have collected 13 examples of obfuscated URIs that I can send you.
Mike
- Original Message -
From: "John Hardin"
To: "Mike Wallace"
Cc: "twofers" , users@s
On Mon, 2009-07-27 at 17:31 +0300, Jari Fredriksson wrote:
> > On Mon, 2009-07-27 at 14:51 +0100, rich...@buzzhost.co.uk wrote:
> > I also used these local rules (some shamelessly copied off this
> > forum):
> > body__TRMB_YOUR_NAME
> > /(^|\W)(your(\s+|\s+\w+\s+)names?|last.name:|full.
On Mon, 27 Jul 2009, Mike Wallace wrote:
I found the only ruleset that catches this to be:
http://svn.apache.org/viewvc/spamassassin/trunk/rulesrc/sandbox/jhardin/20_uri_obfu_ws.cf?revision=795578
And then only the last two rules fired.
That's old. Lose the ?revision... bit to see the curren
I found the only ruleset that catches this to be:
http://svn.apache.org/viewvc/spamassassin/trunk/rulesrc/sandbox/jhardin/20_uri_obfu_ws.cf?revision=795578
And then only the last two rules fired.
On Jul 27, 2009, at 6:35 AM, twofers wrote:
This is pretty basic and straight forward isn't it?
MySQL Student wrote:
Hi,
* 3.0 RCVD_IN_UCEPROTECT2 RBL: Received via a relay in
* dnsbl-2.uceprotect.net
* [81.202.69.68 listed in dnsbl-2.uceprotect.net]
* 2.0 RCVD_IN_UCEPROTECT3 RBL: Received via a relay in
* dnsbl-3.uceprotect.net
*
> > On Mon, July 27, 2009 17:17, Christian Kuehn wrote:
> >
> >> [30132] dbg: conf: trusted_networks are not configured; it is
> >> recommended that you configure trusted_networks manually
> >
> > this might be the error, unsure if it is, but try add your
> wan ip's to
> > trusted_n
On Mon, July 27, 2009 18:02, Christian Kuehn wrote:
> [4177] dbg: dns: checking RBL list.dnswl.org., set dnswl-firsttrusted
> [4177] dbg: dns: IPs found: full-external: 66.211.168.231, 10.243.56.55,
> 10.243.57.25 untrusted: 66.211.168.231 originating:
> But no DNS-check furthermore
okay make
Hi,
> * 3.0 RCVD_IN_UCEPROTECT2 RBL: Received via a relay in
> * dnsbl-2.uceprotect.net
> * [81.202.69.68 listed in dnsbl-2.uceprotect.net]
> * 2.0 RCVD_IN_UCEPROTECT3 RBL: Received via a relay in
> * dnsbl-3.uceprotect.net
> * [81.20
Benny Pedersen schrieb:
> On Mon, July 27, 2009 17:17, Christian Kuehn wrote:
>
>> [30132] dbg: conf: trusted_networks are not configured; it is
>> recommended that you configure trusted_networks manually
>
> this might be the error, unsure if it is, but try add your wan ip's to
> trusted_netw
Benny Pedersen schrieb:
> On Mon, July 27, 2009 17:17, Christian Kuehn wrote:
>
>> [30132] dbg: conf: trusted_networks are not configured; it is
>> recommended that you configure trusted_networks manually
>
> this might be the error, unsure if it is, but try add your wan ip's to
> trusted_netw
On Mon, July 27, 2009 17:17, Christian Kuehn wrote:
> [30132] dbg: conf: trusted_networks are not configured; it is
> recommended that you configure trusted_networks manually
this might be the error, unsure if it is, but try add your wan ip's to
trusted_networks, and imho also to msa_networks
Benny Pedersen schrieb:
> On Mon, July 27, 2009 15:21, Christian Kuehn wrote:
>
>>> did you try manually query dnswl servers? It's possible that they blocked
>>> lookups from you for some reason...
>> Nope, the requests via dig work fine and successful.
>
> next step is spamassassin 2>&1 -D -t
On Mon, July 27, 2009 15:21, Christian Kuehn wrote:
>> did you try manually query dnswl servers? It's possible that they blocked
>> lookups from you for some reason...
> Nope, the requests via dig work fine and successful.
next step is spamassassin 2>&1 -D -t msg | less
any trusted lines ?
--
Benny Pedersen schrieb:
> On Mon, July 27, 2009 14:03, Christian Kuehn wrote:
>
>> [8845] dbg: dns: checking RBL list.dnswl.org., set dnswl-firsttrusted
>> All other RBL-checks are done fine, but no DNSWL.
>> Any ideas?
>
> is there trusted ip in the mail ?
>
> spamassassin 2>&1 -D -t msg | gr
On Mon, July 27, 2009 15:14, Matus UHLAR - fantomas wrote:
> did you try manually query dnswl servers? It's possible that they blocked
> lookups from you for some reason...
try the web so
--
xpoint
On Mon, July 27, 2009 14:03, Christian Kuehn wrote:
> [8845] dbg: dns: checking RBL list.dnswl.org., set dnswl-firsttrusted
> All other RBL-checks are done fine, but no DNSWL.
> Any ideas?
is there trusted ip in the mail ?
spamassassin 2>&1 -D -t msg | grep trusted | less
if yes is the ip that
On Mon, 2009-07-27 at 17:31 +0300, Jari Fredriksson wrote:
> Thanks there! Much better now, but I wonder what happened to my AWL. It
> was not there in my last post..
Yes, which is exactly what AWL is. You just piped the message through SA
a second time. Previously, it was the first time you saw a
> On Mon, 2009-07-27 at 14:51 +0100, rich...@buzzhost.co.uk wrote:
> I also used these local rules (some shamelessly copied off this
> forum):
>
> body MILLION_EURO
> /\b(million|hundred.{0.40}\bthousand)\b.{0,40}\b(euro|pound)s?\b/i
> describe MILLION_EURO Talks about millions of Euros
Jari Fredriksson wrote:
Content analysis details: (6.2 points, 5.0 required)
pts rule name description
-- --
1.0 HTML_MESSAGE BODY: HTML included in message
0.0 BAYES_50 BODY: Bayes
On Mon, 2009-07-27 at 14:51 +0100, rich...@buzzhost.co.uk wrote:
> http://pastebin.com/m2cbc0965
>
> This is scoring way low. Coming in from Hotmail (I would love to
> blacklist these but some people just insist on using it).
Scores a healthy 13 here. Mostly using custom rules.
X-Spam-Report:
> http://pastebin.com/m2cbc0965
>
> This is scoring way low. Coming in from Hotmail (I would
> love to blacklist these but some people just insist on
> using it).
>
> 10 in the last hour. Lart'd Hotmail abuse, but the
> content does not seem to be catching ?
Content analysis details: (6.2 poi
rich...@buzzhost.co.uk wrote:
http://pastebin.com/m2cbc0965
This is scoring way low. Coming in from Hotmail (I would love to
blacklist these but some people just insist on using it).
10 in the last hour. Lart'd Hotmail abuse, but the content does not seem
to be catching ?
I get hits against
On Mon, 27 Jul 2009, twofers wrote:
Can someone explain to me why one of the rule sets downloaded using
SA-Update could not fire on:
?Subject: cenogenetic
?
and the body having only and nothing else but:
?Performing Cunnilringus -- An Art of Pleasure.www.onlyviagra net
?
I thought a "sex" rule
Matus UHLAR - fantomas schrieb:
> On 27.07.09 14:03, Christian Kuehn wrote:
>> I found that my SA 3.2.5 do NOT perform the checks agains DNSWL.
>> The debug contains:
>>
>> [8845] dbg: plugin: loading Mail::SpamAssassin::Plugin::DNSEval from @INC
>> [8845] dbg: dns: is DNS available? 1
>> [88
On 27.07.09 14:03, Christian Kuehn wrote:
> I found that my SA 3.2.5 do NOT perform the checks agains DNSWL.
> The debug contains:
>
> [8845] dbg: plugin: loading Mail::SpamAssassin::Plugin::DNSEval from @INC
> [8845] dbg: dns: is DNS available? 1
> [8845] dbg: dns: checking RBL list.dnswl.org
> On Sat, 25 Jul 2009, Michael W. Cocke wrote:
> > There doesn't seem to be a web interface to subscribe/unscribe from
> > this list. The email address
> > "users-unsubscr...@spamassassin.apache.org" complains that my IP
> > address is dynamic (which is why I use dyndns.org, thank you very
> > mu
> > On Sat, 25 Jul 2009 18:07:12 -0400
> > "Michael W. Cocke" wrote:
> >
> >> There doesn't seem to be a web interface to subscribe/unscribe from
> >> this list. The email address
> >> "users-unsubscr...@spamassassin.apache.org" complains that my IP
> >> address is dynamic (which is why I use d
RW schrieb:
> On Mon, 27 Jul 2009 14:03:13 +0200
> Christian Kuehn wrote:
>
>> [8845] dbg: dns: checking RBL list.dnswl.org., set dnswl-firsttrusted
>>
>>
>> All other RBL-checks are done fine, but no DNSWL.
>
> Are you sure your trusted network is correct?
Yes, correct settings!
--
Chris
On Mon, 27 Jul 2009 14:03:13 +0200
Christian Kuehn wrote:
> [8845] dbg: dns: checking RBL list.dnswl.org., set dnswl-firsttrusted
>
>
> All other RBL-checks are done fine, but no DNSWL.
Are you sure your trusted network is correct?
Hi,
I found that my SA 3.2.5 do NOT perform the checks agains DNSWL.
The debug contains:
[8845] dbg: plugin: loading Mail::SpamAssassin::Plugin::DNSEval from @INC
[8845] dbg: dns: is DNS available? 1
[8845] dbg: dns: checking RBL list.dnswl.org., set dnswl-firsttrusted
All other RBL-chec
Hi Mouss, thanks for your answer.
In my installation, I've got a firewall with antispam features.
The target I want to achieve is to bypass SA check when a message has been
already tagged as spam by the firewall.
I'll try posting the question on the postfix-users list.
Bye,
-Pietro.
2009/7/25 mo
On 27/07/09 6:35 AM, "twofers" wrote:
> Performing Cunnilringus -- An Art of Pleasure.www.onlyviagra net
>
> I thought a "sex" rule would have fired as well as something for
> pleasure.www.onlyviagra net
>
> This is pretty basic and straight forward isn't it?
This is a tough row to ho, a
Le 26/07/2009 04:00, McDonald, Dan a écrit :
>From: Robert [mailto:list...@abbacomm.net]
>> There are no doubt lots of ways, but how about:
>>
>> egrep 'whitelist_from[^_]' local.cf | awk '{FS="@"; print $2"
>> TXT";}' | xargs dig | grep "v=spf1"
>what is this supposed to do?
select all o
39 matches
Mail list logo
