On Mon, Dec 13, 2010 at 7:21 PM, Len Conrad wrote:
>
>>Are you sure? At the moment I can not resolv the name truncate.gbudb.net.
>
> that's correct, and OK.
>
> and you can't resolve zen.spamhaus.org, either. :)
Does it mean they are closed?
>
> truncate is a good RBL, in my experience of a cou
On Mon, 2010-12-13 at 22:19 +0100, mouss wrote:
> Le 13/12/2010 10:38, Martin Gregorie a écrit :
>
> > As others have said, it depends who sent it and why. Invitations sent
> > specifically by people who know you aren't spam, but I've heard it said
> > several times that Facebook auto-generates inv
Le 13/12/2010 10:38, Martin Gregorie a écrit :
On Mon, 2010-12-13 at 08:17 +0100, Per Jessen wrote:
mouss wrote:
the sample posted by Michelle came to her via a debian list. debian
lists are open (no subscription required) and thus attract a lot of
spam.
And whilst invitations such as those
Le 13/12/2010 11:30, Michelle Konzack a écrit :
Hello Per Jessen,
Am 2010-12-12 22:03:34, hacktest Du folgendes herunter:
Michelle Konzack wrote:
300-500 INVITE spams per day from more than 400 socialnetworks
worldwide is realy annoying or better, I would call it terrorism.
Just reject them
Le 13/12/2010 15:33, Matus UHLAR - fantomas a écrit :
Michelle Konzack wrote:
300-500 INVITE spams per day from more than 400 socialnetworks
worldwide is realy annoying or better, I would call it
terrorism.
On 12.12.10 22:03, Per Jessen wrote:
Just reject them all?
Matus UHLAR - fantomas w
On 13/12/10 15:44, RW wrote:
> On Mon, 13 Dec 2010 13:47:14 +
> Cedric Knight wrote:
...
>> header RCVD_IN_GBUDB_TRUNC eval:check_rbl('trunc-firsttrusted',
>> 'truncate.gbudb.net.')
>
> That should be "-lastexternal" - assuming that the list contains
> a lot of dynamic addresses.
And a
Le 13/12/2010 11:47, Matus UHLAR - fantomas a écrit :
as far as I know, linkedin mail comes from linkedin domains, and has
valid DKIM sigs.
Yep, I'm pretty certain of that too. I think I have a rule that scores
on coming from linkedin, but without verified dkim signature.
Le 13/12/2010 09:0
On 12/08/2010 03:34 PM, Chris Owen wrote:
he other thing we see that always amazes me is that if we have MXs that are all
the same weight, the ones that have the lowest reverse DNS host name get hit
higher.
I really have no idea how much less why this happens. It is sort of
frustrating tho
> From: Bob Proulx [mailto:b...@proulx.com]
> Subject: Re: Fake MX
>
> > > [...] but that is distinct from being a tarpit, which is what
> > > I'm trying to clarify.
> >
> > A discussion around the definition of tarpit, and why tarbaby might be a
> > suboptimal, though catchy, name?
>
> For the r
>Are you sure? At the moment I can not resolv the name truncate.gbudb.net.
that's correct, and OK.
and you can't resolve zen.spamhaus.org, either. :)
truncate is a good RBL, in my experience of a couple months. Its picks up some
bad stuff that gets past b.barracuda and zen.
Len
>
Are you sure? At the moment I can not resolv the name truncate.gbudb.net.
--
Oguz YILMAZ
On Mon, Dec 13, 2010 at 6:22 PM, Marc Perkel
wrote:
>
>
> On 12/13/2010 5:47 AM, Cedric Knight wrote:
>>
>> GBUdb.com's truncated list (http://www.gbudb.com/truncate/) went public
>> in May and seems to w
On 12/13/2010 5:47 AM, Cedric Knight wrote:
GBUdb.com's truncated list (http://www.gbudb.com/truncate/) went public
in May and seems to work very well, catching a lot of things missed by
other RBLs, with<1% false positives. YMMV. It's related to Message
Sniffer, a commercial anti-spam package
On 12/13/10 10:54 AM, Cedric Knight wrote:
On 13/12/10 15:06, Karsten Bräckelmann wrote:
[...] is a recent project of Julian Haight, creator of Spam
Cop. SpamCop.
Assassin.
Oh no, did I type that? Dratted absent-minded fingers.
and,similar to spamcop, (which was sold to ironport, then cisc
On 13/12/10 15:06, Karsten Bräckelmann wrote:
>> [...] is a recent project of Julian Haight, creator of Spam
>
> Cop. SpamCop.
>
>> Assassin.
Oh no, did I type that? Dratted absent-minded fingers.
Apologies.
C
On Mon, 13 Dec 2010 13:47:14 +
Cedric Knight wrote:
> GBUdb.com's truncated list (http://www.gbudb.com/truncate/) went
> public in May and seems to work very well, catching a lot of things
> missed by other RBLs, with <1% false positives. YMMV. It's related
> to Message Sniffer, a commercia
> [...] is a recent project of Julian Haight, creator of Spam
Cop. SpamCop.
> Assassin.
--
char *t="\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
> >> >> Michelle Konzack wrote:
> >> >> > 300-500 INVITE spams per day from more than 400 socialnetworks
> >> >> > worldwide is realy annoying or better, I would call it
> >> >> > terrorism.
> >> >
> >> > On 12.12.10 22:03, Per Jessen wrote:
> >> >> Just reject them all?
> >
> >> Matus UHLAR - fa
There seem to be an abundance of DNSBLs out there nowadays. Here are
my observations on two, and an implementation question. The Good, the
Bad and the Ugly:
GBUdb.com's truncated list (http://www.gbudb.com/truncate/) went public
in May and seems to work very well, catching a lot of things missed
Michelle Konzack wrote:
> Hello Per Jessen,
>
> Am 2010-12-12 22:03:34, hacktest Du folgendes herunter:
>> Michelle Konzack wrote:
>>
>> > 300-500 INVITE spams per day from more than 400 socialnetworks
>> > worldwide is realy annoying or better, I would call it terrorism.
>>
>> Just reject them
Matus UHLAR - fantomas wrote:
>> >> Michelle Konzack wrote:
>> >> > 300-500 INVITE spams per day from more than 400 socialnetworks
>> >> > worldwide is realy annoying or better, I would call it
>> >> > terrorism.
>> >
>> > On 12.12.10 22:03, Per Jessen wrote:
>> >> Just reject them all?
>
>> Mat
as far as I know, linkedin mail comes from linkedin domains, and has
valid DKIM sigs.
>>>
>>> Yep, I'm pretty certain of that too. I think I have a rule that scores
>>> on coming from linkedin, but without verified dkim signature.
> Le 13/12/2010 09:04, Matus UHLAR - fantomas a écrit :
> >> Michelle Konzack wrote:
> >> > 300-500 INVITE spams per day from more than 400 socialnetworks
> >> > worldwide is realy annoying or better, I would call it terrorism.
> >
> > On 12.12.10 22:03, Per Jessen wrote:
> >> Just reject them all?
> Matus UHLAR - fantomas wrote:
> > Do those invitati
Hello Per Jessen,
Am 2010-12-12 22:03:34, hacktest Du folgendes herunter:
> Michelle Konzack wrote:
>
> > 300-500 INVITE spams per day from more than 400 socialnetworks
> > worldwide is realy annoying or better, I would call it terrorism.
>
> Just reject them all?
Not possibel, because the ar
> Le 12/12/2010 19:23, Giampaolo Tomassoni a écrit :
> > How does it work?
> >
> > I just got blocked by the AT&T's blacklist (in contacting
> ab...@att.com,
> > besides...), but I'm pretty sure my MX is not an open relay or other
> kind of
> > nifty thing.
> >
> > Maybe AT&T blocks whole address b
On Mon, 2010-12-13 at 08:17 +0100, Per Jessen wrote:
> mouss wrote:
>
> > the sample posted by Michelle came to her via a debian list. debian
> > lists are open (no subscription required) and thus attract a lot of
> > spam.
>
> And whilst invitations such as those broadcasted are annoying, they'r
Matus UHLAR - fantomas wrote:
>> Michelle Konzack wrote:
>>
>> > 300-500 INVITE spams per day from more than 400 socialnetworks
>> > worldwide is realy annoying or better, I would call it terrorism.
>
> On 12.12.10 22:03, Per Jessen wrote:
>> Just reject them all?
>
> Do those invitations conta
Le 13/12/2010 09:04, Matus UHLAR - fantomas a écrit :
as far as I know, linkedin mail comes from linkedin domains, and has
valid DKIM sigs.
Yep, I'm pretty certain of that too. I think I have a rule that scores
on coming from linkedin, but without verified dkim signature.
now the question is
Matus UHLAR - fantomas wrote:
>> > as far as I know, linkedin mail comes from linkedin domains, and
>> > has valid DKIM sigs.
>>
>> Yep, I'm pretty certain of that too. I think I have a rule that
>> scores on coming from linkedin, but without verified dkim signature.
>
> now the question is, if
> > as far as I know, linkedin mail comes from linkedin domains, and has
> > valid DKIM sigs.
>
> Yep, I'm pretty certain of that too. I think I have a rule that scores
> on coming from linkedin, but without verified dkim signature.
now the question is, if we know it's an linkedin invitation, if
> Michelle Konzack wrote:
>
> > 300-500 INVITE spams per day from more than 400 socialnetworks
> > worldwide is realy annoying or better, I would call it terrorism.
On 12.12.10 22:03, Per Jessen wrote:
> Just reject them all?
Do those invitations contain headers by whose they could be detected
30 matches
Mail list logo
