On Sun, Oct 11, 2009 at 01:10:17PM -0400, Adam Katz wrote:
>
> Here are the default scores for the DNSWLs I know of:
>
> RCVD_IN_DNSWL_LOW 0 -1 0 -1
> RCVD_IN_DNSWL_MED 0 -4 0 -4
> RCVD_IN_DNSWL_HI 0 -8 0 -8
> RCVD_IN_HOSTKARMA_W -5 # (nondefault rule, Marc's suggested score)
You have to remembe
Matthias Leisi wrote (accidentally off-list):
> Adam Katz schrieb:
>
>> My last report was sent at 2009-04-10 17:50:30 UTC to ad...@dnswl.org
>> with subject "Suggested Change DNSWL Id 3523"
>
> That's cvent-planner.com. Based on your report and others we received,
> we lowered the score for thei
From: "MySQL Student"
Sent: Sunday, 2009/October/11 09:08
Hi,
We use some rules if we talk open about it and say hey this spammer is
stupid look here, then it will take less then 12 hours and that gap is
closed and we loose a valuable trick.
yes its the way it is, spammers can also read ma
Matthias Leisi wrote:
> Did you report them to us? If there are *myriads*, there must be some
> serious error which we need to fix (IPs/ranges falsely listed,
> inappropriate trust levels listed, sometimes also errors in eg how
> trusted_networks are set up).
My last report was sent at 2009-04-10
Karsten Bräckelmann wrote:
>> Here's my workaround. It involves some redundancy, but it does the trick:
>
> After some brief moment of head scratching...
>
> The "workaround" basically is just weighting sub-rules in the meta, and
> works regardless if it is meant to be the individual sub-rules'
Benny Pedersen wrote:
> On søn 11 okt 2009 07:19:47 CEST, Adam Katz wrote
>
>> different return code to indicate the hit anyway so that I can act on it
>> anyway. *Especially* while DNSWLs lack an abuse-reporting mechanism.
>
> spamassassin have firsttrusted for dnsbl same can go for dnswl testi
Adam Katz schrieb:
> I've had myriads of falsely whitelisted messages hit DNSWL (.org) and
Did you report them to us? If there are *myriads*, there must be some
serious error which we need to fix (IPs/ranges falsely listed,
inappropriate trust levels listed, sometimes also errors in eg how
trus
Henrik K wrote:
> On Sun, Oct 11, 2009 at 01:19:47AM -0400, Adam Katz wrote:
>> *Especially* while DNSWLs lack an abuse-reporting mechanism.
>>
>> I have seen SO much DNSWL'd spam that I've had to migrate to using
>
> Just to be clear, what DNSWLs are you talking about? It's a bit
> confusing as t
Hi,
>> We use some rules if we talk open about it and say hey this spammer is
>> stupid look here, then it will take less then 12 hours and that gap is
>> closed and we loose a valuable trick.
>
> yes its the way it is, spammers can also read maillists and adapt there
> spamming rules to get bypas
On 10/11/2009 09:04 AM, mouss wrote:
postfix does so if you authenticated and you have
smtpd_sasl_authenticated_header = yes
Thanks! This is exactly what I needed to fix my problem.
Warren
On Sat, 2009-10-10 at 18:14 -0400, Adam Katz wrote:
> > > > > meta NAME rule1 && (rule2a + rule2b + rule2c + rule2d > 2)
> > > > When adding rules is it a count of the number of rules or the rule
> > > > scores?
> >
> > It is never the score.
> Here's my workaround. It involves some redundanc
Warren Togami wrote:
The following is an apples to apples comparisons of DNSBL lastexternal
rules against the October 10th, 2009 weekly_mass_check corpora.
HOSTKARMA and SEM are new. Hopefully these masscheck results can help
to identify problems so list quality can improve over time.
http
Warren Togami a écrit :
> I am trying to reconfigure my postfix server to get rid of false
> positives in the masschecks.
>
> * I run my own postfix server at example.com.
> * Several of my users have IMAP accounts on my server. They send their
> outgoing mail via my server with SMTP-after-IMAP.
Just a few comments and corrections.
On Sat, 2009-10-10 at 19:44 -0400, Warren Togami wrote:
> The following is an apples to apples comparisons of DNSBL lastexternal
Minor nit: Not entirely correct. Different lists have different listing
policies and criteria. A PBL listing for example does NOT
On søn 11 okt 2009 12:12:20 CEST, jdow wrote
could squeeze his spam decreased. It's still decreasing, although at a
slower rate due to the relative inactivity of the SARE ninjas.
sare rules is non maintained now, but it could still go to masscheck
to get the best of them readded in to sa
--
On søn 11 okt 2009 11:48:11 CEST, Raymond Dijkxhoorn wrote
We use some rules if we talk open about it and say hey this spammer
is stupid look here, then it will take less then 12 hours and that
gap is closed and we loose a valuable trick.
yes its the way it is, spammers can also read mailli
On søn 11 okt 2009 08:45:38 CEST, Warren Togami wrote
I am trying to reconfigure my postfix server to get rid of false
positives in the masschecks.
static ip in a dynamic pool ? (silly isp)
Is it possible to configure postfix to write some kind of auth
message in the Received line if you h
On søn 11 okt 2009 07:19:47 CEST, Adam Katz wrote
different return code to indicate the hit anyway so that I can act on it
anyway. *Especially* while DNSWLs lack an abuse-reporting mechanism.
spamassassin have firsttrusted for dnsbl same can go for dnswl testing
that mean if you have none or
Hi!
So I am quite aware of losing good rules. HOWEVER, as he found out WE
keep the old rules and add new ones and his keyhole through which he
could squeeze his spam decreased. It's still decreasing, although at a
slower rate due to the relative inactivity of the SARE ninjas.
Most Ninja's incl
From: "Raymond Dijkxhoorn"
Sent: Sunday, 2009/October/11 02:48
Hi!
7263 T_CN_URL hits in 15517 spam corpus
7200 T_CN_8_URL hits in 15517 spam corpus
Does this make any sense? This is funny. Could someone add this rule
to the sandbox? I'm just curious.
I have to admire one thing about
Hi!
7263 T_CN_URL hits in 15517 spam corpus
7200 T_CN_8_URL hits in 15517 spam corpus
Does this make any sense? This is funny. Could someone add this rule to
the sandbox? I'm just curious.
I have to admire one thing about spammers. They respond very rapidly to
"threats" to their ability
21 matches
Mail list logo
