Re: Bogus mails from hijacked accounts

2010-03-12 Thread hamann . w
Michelle Konzack wrote: >> >> I mean exactly, IF "Reply-To:" is set, verify, that it match the sender, >> otherwise reject if it does not match "From:". >> >> Thanks, Greetings and nice Day/Evening >> Michelle Konzack >> Systemadministrator >> 24V Electronic Engineer >> Tamay Doga

Re: RDNS_NONE

2010-03-12 Thread Michelle Konzack
Hello, Am 2010-03-12 22:57:47, schrieb Christian Gregoire: > The below headers trigger the rule only because the remote LAN SMTP > client, with IP 10.10.3.3, has no rDNS. > > Received: from my.public.name ([] helo=john.fr) > by mymta.fr with esmtps (TLSv1:AES256-SHA:256) > id 1No

Re: Low scores

2010-03-12 Thread Julian Yap
On Thu, Mar 11, 2010 at 7:58 AM, micah anderson wrote: > On Tue, 9 Mar 2010 11:56:56 -1000, Julian Yap > wrote: > > Just wanted to add that this particular line is incorrect: > > meta SC_HAM (USER_IN_WHITELIST||USER_IN_DEF_WHITELIST|| > > USER_IN_ALL_SPAM_TO||NO_RELAYS||ALL_TRUSTED||USER_IN_BLAC

Re: Bogus mails from hijacked accounts

2010-03-12 Thread Michelle Konzack
Hello, Am 2010-03-12 18:24:14, schrieb ram: > Why only free accounts , The 419'ers hijack legitimate corporate > accounts too. Again , As Ips have good reputation and the mails land in > the inbox > I think the only way of handling this to send proper abuse reports > > Probably the free mail pr

Re: Bogus mails from hijacked accounts

2010-03-12 Thread Michelle Konzack
Hello, Am 2010-03-12 13:38:57, schrieb Benny Pedersen: > On tor 11 mar 2010 19:52:01 CET, Michelle Konzack wrote > > >I mean, on one of my domains it should be ALWAYS the same > >"From:" and "Reply-To:". > > i have a plugin that does this, contact me offlist if you like to > have it, its alph

Re: URIBL Notice

2010-03-12 Thread Karsten Bräckelmann
On Sat, 2010-03-13 at 01:17 +0100, Karsten Bräckelmann wrote: > RANKRULE NAME COUNT %OFMAIL %OFSPAM %OFHAM > -- >8 URIBL_BLACK 57241.12 78.360.00 > > Unfortu

Re: URIBL Notice

2010-03-12 Thread Chris Owen
On Mar 12, 2010, at 6:17 PM, Karsten Bräckelmann wrote: > Just for comparison, below are some stats gathered quickly from 2 > different and entirely unrelated systems. Real mail stream, real users > only, no traps. Here are mine from yesterday while we are at it:

Re: URIBL Notice

2010-03-12 Thread Karsten Bräckelmann
On Fri, 2010-03-12 at 18:50 -0500, Rob McEwen wrote: > Your stats are certainly valuable and illustrative... but not reflective > of the stats one would see in a MOST "real world" mail streams where: > > (A) the spams were sent to actual users (which would be a distinctively > different mix of spa

Re: URIBL Notice

2010-03-12 Thread Yet Another Ninja
On 2010-03-13 0:50, Rob McEwen wrote: Yet Another Ninja wrote: there are no users - its trap domains which have never had any real users - ever. no prefiltering except rejecting potential bounces and stuff leaking from whatever may be on DNSWL and a couple of other WLs. Alex, Your stats

Re: URIBL Notice

2010-03-12 Thread Rob McEwen
Yet Another Ninja wrote: > there are no users - its trap domains which have never had any real > users - ever. > > no prefiltering except rejecting potential bounces and stuff leaking > from whatever may be on DNSWL and a couple of other WLs. Alex, Your stats are certainly valuable and illu

Re: RDNS_NONE

2010-03-12 Thread Karsten Bräckelmann
On Fri, 2010-03-12 at 22:57 +, Christian Gregoire wrote: > Using SA 3.3.0. Any reason why RDNS_NONE now scores 1.3, when it was > down to 0.1 with the previous releases ? The score was pretty much informational only previously and arbitrarily set. The current score is what the mass-checks and

RDNS_NONE

2010-03-12 Thread Christian Gregoire
Hello, Using SA 3.3.0. Any reason why RDNS_NONE now scores 1.3, when it was down to 0.1 with the previous releases ? The below headers trigger the rule only because the remote LAN SMTP client, with IP 10.10.3.3, has no rDNS. Received: from my.public.name ([] helo=john.fr) by mymta.fr

Re: URIBL Notice

2010-03-12 Thread Yet Another Ninja
On 2010-03-12 20:23, Rob McEwen wrote: Yet Another Ninja wrote: These stats are for small trap box which only accepts mail from bots and rejects stuff listed by DNSWL and other public WLs. Since midnight CET- These are only URI BL stats - so you won't see other dnsbls like Spamcop, etc. Alex,

Re: [sa] Re: Bogus mails from hijacked accounts

2010-03-12 Thread Karsten Bräckelmann
On Fri, 2010-03-12 at 13:19 -0500, Charles Gregory wrote: > > describe FORGED_YAHOO Yahoo with non-Yahoo Reply-to address > > header __FORGED_YH1 From =~ /\...@yahoo\.com/i > > header __FORGED_YH2 Reply-to =~ /\...@yahoo\.com/i > > meta FORGED_YAHOO (__FORGED_YH1 && !__FORGE

Re: My First Spam Mail Today

2010-03-12 Thread Karsten Bräckelmann
On Fri, 2010-03-12 at 14:28 -0500, Carlos Mennens wrote: > I guess I am still lost. SA appears to be working and everything looks > fine however my emails don't appear to be getting a score and I don't > understand how that link applies to why SA isn't setting a score on my > messages when it is cl

Re: RBLs not run when dns_available=yes?

2010-03-12 Thread Jeff_47
d.hill wrote: > > Have you attempted doing a local (on your server) lookup of the IP > address in question? What DNS servers are your server using for > resolution? > It turns out your comment about a DNS problem on my server was spot-on. The first ns was down - apparently if 'dns_availab

Re: My First Spam Mail Today

2010-03-12 Thread Dennis B. Hopp
> My headers look like: > > X-Spam-Checker-Version: SpamAssassin 3.3.0 (2010-01-18) on mail.iamghost.com > X-Spam-Level: * > X-Spam-Status: No, score=1.0 required=6.3 > tests=EXTRA_MPART_TYPE,HTML_MESSAGE autolearn=no version=3.3.0 > > * > The message scored a 1.0 (score=1.0)

Re: RBLs not run when dns_available=yes?

2010-03-12 Thread d . hill
Quoting Jeff_47 : d.hill wrote: Quoting Jeff_47: I have an odd situation - it seems like I must be missing something but I don't know what. In my local.cf, I had the following lines: dns_available yes skip_rbl_checks 0 I noticed that no RBL checks were being run. If I change dns_availa

Re: RBLs not run when dns_available=yes?

2010-03-12 Thread Jeff_47
d.hill wrote: > >>Quoting Jeff_47: > >>> >>> I have an odd situation - it seems like I must be missing something but >>> I >>> don't know what. >>> >>> In my local.cf, I had the following lines: >>> dns_available yes >>> skip_rbl_checks 0 >>> >>> I noticed that no RBL checks were being run. >>

Re: My First Spam Mail Today

2010-03-12 Thread Carlos Mennens
On Thu, Mar 11, 2010 at 12:56 PM, Martin Gregorie wrote: > They'd normally be in local.cf and are needed for any of the URIBL etc > blacklists to work correctly. See: > http://spamassassin.apache.org/full/3.2.x/doc/Mail_SpamAssassin_Conf.html#network_test_options I guess I am still lost. SA appea

Re: RBLs not run when dns_available=yes?

2010-03-12 Thread d . hill
Quoting Jeff_47 : I have an odd situation - it seems like I must be missing something but I don't know what. In my local.cf, I had the following lines: dns_available yes skip_rbl_checks 0 I noticed that no RBL checks were being run. If I change dns_available to "test" or comment out the line

Re: URIBL Notice

2010-03-12 Thread Rob McEwen
Yet Another Ninja wrote: > These stats are for small trap box which only accepts mail from bots > and rejects stuff listed by DNSWL and other public WLs. Since midnight > CET- > These are only URI BL stats - so you won't see other dnsbls like > Spamcop, etc. Alex, about those stats... (1) Do tho

RBLs not run when dns_available=yes?

2010-03-12 Thread Jeff_47
I have an odd situation - it seems like I must be missing something but I don't know what. In my local.cf, I had the following lines: dns_available yes skip_rbl_checks 0 I noticed that no RBL checks were being run. If I change dns_available to "test" or comment out the line (same function), now

Re: URIBL Notice

2010-03-12 Thread Yet Another Ninja
On 2010-03-12 16:48, Ray Dzek wrote: I just received the dreaded URIBL "You send us to many DNS queries" notice. This is fine. We have been growing and I am sure our queries have gone up. But when looking at their data feed service options the first thing I noticed was that there is no fee str

Re: [sa] Re: Bogus mails from hijacked accounts

2010-03-12 Thread Dennis B. Hopp
On Fri, 2010-03-12 at 12:52 -0600, Dennis B. Hopp wrote: > > > The problem with this is that the !__FORGED_YH2 matches > > when there is *NO* Reply-To header at all! > > > > You need something like this: > > > > header __FORGED_YH2 Reply-To =~ /\@([^y]|y[^a]|ya[^h]|yah[^o])/i > > meta FORGE

Re: [sa] Re: Bogus mails from hijacked accounts

2010-03-12 Thread Dennis B. Hopp
> The problem with this is that the !__FORGED_YH2 matches > when there is *NO* Reply-To header at all! > > You need something like this: > > header __FORGED_YH2 Reply-To =~ /\@([^y]|y[^a]|ya[^h]|yah[^o])/i > meta FORGED_YAHOO (__FORGED_YH1 && __FORGED_YH2) > > (remove the negation from

Re: [sa] Re: Bogus mails from hijacked accounts

2010-03-12 Thread Charles Gregory
On Fri, 12 Mar 2010, Dennis B. Hopp wrote: describe FORGED_YAHOO Yahoo with non-Yahoo Reply-to address header __FORGED_YH1 From =~ /\...@yahoo\.com/i header __FORGED_YH2 Reply-to =~ /\...@yahoo\.com/i meta FORGED_YAHOO (__FORGED_YH1 && !__FORGED_YH2) The problem with thi

return-path program

2010-03-12 Thread Alexandre Chapellon
Hello, I would like to know if someone here is part of the returnpath.net (http://www.returnpath.net/emailserviceprovider/certification/) certification program? Does it really increase deliverability of email and to which MSP? What are the necessary steps to get into that program and is it free or

Re: Bogus mails from hijacked accounts

2010-03-12 Thread Dennis B. Hopp
> describe FORGED_HOTMAIL Hotmail with non-Hotmail Reply-to address > header __FORGED_HM1 From ~= /\...@hotmail\.com/i > header __FORGED_HM2 Reply-to ~= /\...@hotmail\.com/i > meta FORGED_HOTMAIL (__FORGED_HM1 && !__FORGED_HM2) > scoreFORGED_HOTMAIL 5.0 > > and write coo

Re: URIBL Notice

2010-03-12 Thread Steve Freegard
On 12/03/10 15:48, Ray Dzek wrote: I just received the dreaded URIBL “You send us to many DNS queries” notice. This is fine. We have been growing and I am sure our queries have gone up. But when looking at their data feed service options the first thing I noticed was that there is no fee structu

Re: URIBL Notice

2010-03-12 Thread Brian
On Fri, 2010-03-12 at 07:48 -0800, Ray Dzek wrote: > I just received the dreaded URIBL “You send us to many DNS queries” > notice. This is fine. We have been growing and I am sure our queries > have gone up. But when looking at their data feed service options the > first thing I noticed was that

Re: A possibly suspect idea

2010-03-12 Thread Bowie Bailey
Martin Gregorie wrote: > On Fri, 2010-03-12 at 16:27 +0200, Henrik K wrote: > > >> If you have enough words to require multiple REs, then sorting doesn't hurt. >> So the start boundaries for a single RE to catch on are minimized. >> >> > OK, so there are benefits if every alternate in a reg

URIBL Notice

2010-03-12 Thread Ray Dzek
I just received the dreaded URIBL "You send us to many DNS queries" notice. This is fine. We have been growing and I am sure our queries have gone up. But when looking at their data feed service options the first thing I noticed was that there is no fee structure. I don't know about you, but

Re: A possibly suspect idea

2010-03-12 Thread Martin Gregorie
On Fri, 2010-03-12 at 16:27 +0200, Henrik K wrote: > If you have enough words to require multiple REs, then sorting doesn't hurt. > So the start boundaries for a single RE to catch on are minimized. > OK, so there are benefits if every alternate in a regex starts with the same letter? Almost ever

Re: A possibly suspect idea

2010-03-12 Thread d . hill
Quoting Bowie Bailey : Martin Gregorie wrote: On Fri, 2010-03-12 at 08:15 +0200, Henrik K wrote: Why don't you simply maintain your wordlists in some files and use a script to generate portmanteau.cf? You could use Regexp::Assemble module to optimize also. Who cares what the actual rules loo

Re: A possibly suspect idea

2010-03-12 Thread RW
On Thu, 11 Mar 2010 20:11:37 + Martin Gregorie wrote: > - am I right about all regexes in a portmanteau rule being applied > to every message? I would presume not and that meta-rules short-circuit the way that logical expressions do in perl. It shouldn't make much difference whether

Re: A possibly suspect idea

2010-03-12 Thread Henrik K
On Fri, Mar 12, 2010 at 01:52:01PM +, Martin Gregorie wrote: > On Fri, 2010-03-12 at 08:15 +0200, Henrik K wrote: > > > Why don't you simply maintain your wordlists in some files and use a script > > to generate portmanteau.cf? You could use Regexp::Assemble module to > > optimize also. Who ca

Re: A possibly suspect idea

2010-03-12 Thread Bowie Bailey
Martin Gregorie wrote: > On Fri, 2010-03-12 at 08:15 +0200, Henrik K wrote: > > >> Why don't you simply maintain your wordlists in some files and use a script >> to generate portmanteau.cf? You could use Regexp::Assemble module to >> optimize also. Who cares what the actual rules look like? The

Re: A possibly suspect idea

2010-03-12 Thread Martin Gregorie
On Fri, 2010-03-12 at 08:15 +0200, Henrik K wrote: > Why don't you simply maintain your wordlists in some files and use a script > to generate portmanteau.cf? You could use Regexp::Assemble module to > optimize also. Who cares what the actual rules look like? The more words > (simple alternations)

Re: Bogus mails from hijacked accounts

2010-03-12 Thread ram
On Wed, 2010-03-10 at 13:37 -0600, Dennis B. Hopp wrote: > We seem to be having a problem where clients that we interact with > regularly are having their hotmail/gmail/yahoo accounts hijacked. We > are receiving e-mails from their accounts that legitimately go through > the correct servers (hotm

Re: Bogus mails from hijacked accounts

2010-03-12 Thread Benny Pedersen
On tor 11 mar 2010 19:52:01 CET, Michelle Konzack wrote I mean, on one of my domains it should be ALWAYS the same "From:" and "Reply-To:". i have a plugin that does this, contact me offlist if you like to have it, its alpha stable here, warning i am not a perl geek yet :=) but why not r