Announcement from IANA yesterday:
> The IANA IPv4 registry has been updated to reflect the allocation of
> five /8 IPv4 blocks: one to each RIR, in February 2011. You can find
> the updated IANA IPv4 registry at:
>
>http://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xml
>http
On Thu, 3 Feb 2011, Karsten Br?ckelmann wrote:
I still believe a meta is the fastest and cleanest way to define such a
test. As in "mimeheader X-Facebook", but not "header X-Facebook".
+1. It explicitly self-documents what you're looking for.
--
John Hardin KA7OHZhttp://w
Ha! I tried posting some log lines and they
got rejected because of SURBL hits! :)
Here goes again... remove the capital X from domain names and IP addresses :)
On Thu, 03 Feb 2011 16:51:15 -0500
Adam Moffett wrote:
> That's an interesting point of view. It was suggested on this list
> fair
That's good. The only useful list (BogusMX) can be discovered without
querying rfc-ignorant anyway. Just get the MX records for the sending
domain (which are almost certainly in cache) and make sure they resolve
to real IP addresses.
We reject domains that publish MX records in 127/8 or the R
On Thu, 2011-02-03 at 16:11 -0500, Kris Deugau wrote:
> Asked another way, my original question could be phrased as "Is there a
> body rule option that's more raw than rawbody?" (since rawbody appears
> to ignore proper MIME headers these days)
s/these days//
It always did. That's its very def
Benny Pedersen wrote:
forged facebook ?
facebook uses dkim and spf, so show this forged mail now :-)
A forged Facebook message, sent to some third party, using our
customer's email address as the SMTP envelope. Our customer is
receiving the postmaster NDR when the spoofed message can't be
On Thu, 03 Feb 2011 10:42:27 -1000
"Warren Togami Jr." wrote:
> https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6526
> We finally agreed that rfc-ignorant.org is useless, or slightly more
> harmful than good. Spamassassin will be disabling these rules by
> default sometime soon.
That's
On 2/2/2011 7:45 AM, John Levine wrote:
RFC Ignorant is deep into kook territory, as should be apparent if you
look at which RFCs they expect people to follow, and what their
definition of "follow" is.
abuse.net has been listed for years, since there is an autoresponder
on ab...@abuse.net, and I
On Thu, 03 Feb 2011 11:53:07 -0500, Kris Deugau wrote:
> # match all legit Facebook mail
> header __FBMAILER X-Facebook =~ /from zuckmail/
> # match all postmaster bounces from fake Facebook mail, *and*
> # (sometimes) legitimate Facebook mail
> mimeheader __T_YOUR_ORDER_VIRUS_P X-Facebook
On Thu, 2011-02-03 at 11:53 -0500, Kris Deugau wrote:
> I've been adding local rules to catch otherwise legitimate headers from
> popular sites in the message body (ie, where they would appear in
> postmaster mail that should never ever arrive at an account outside of
> that site).
>
> Unfortun
On 2011-02-03 17:53, Kris Deugau wrote:
I've been adding local rules to catch otherwise legitimate headers from
popular sites in the message body (ie, where they would appear in
postmaster mail that should never ever arrive at an account outside of
that site).
Unfortunately I've had to use mimeh
I've been adding local rules to catch otherwise legitimate headers from
popular sites in the message body (ie, where they would appear in
postmaster mail that should never ever arrive at an account outside of
that site).
Unfortunately I've had to use mimeheader to trigger a match with some
me
12 matches
Mail list logo
