On Thu, 16 Jun 2011 16:04:37 -0700 (PDT), John Hardin wrote:
Benny doesn't like getting email. :)
yes i do, what are the state of DOB ?
On 6/13/2011 7:51 AM, Matthew Newton wrote:
I've therefore hacked together the following patch to Botnet.pm
(0.8). It should fix the main issue that BOTNET does not do any
lookups for IP addresses that look like IPv6 addresses. It
I've put the patched Botnet.pm here:
http://www.le.ac.uk/
On Fri, 17 Jun 2011, Benny Pedersen wrote:
On Thu, 16 Jun 2011 16:08:40 -0400, Adam Moffett wrote:
> > Does someone know more about this crap?
>
> nope :-)
>
> make a info tdl rule with a score of 2.5, and make a whitelist of info
> domains that does not spam, make sure spammers only sen
On Thu, 16 Jun 2011 16:08:40 -0400, Adam Moffett wrote:
Does someone know more about this crap?
nope :-)
make a info tdl rule with a score of 2.5, and make a whitelist of
info domains that does not spam, make sure spammers only send one
domain to get whitelisted
Is that a joke or a seriou
On Thu, 16 Jun 2011 17:37:15 +0200, Michelle Konzack wrote:
Does someone know more about this crap?
nope :-)
make a info tdl rule with a score of 2.5, and make a whitelist of info
domains that does not spam, make sure spammers only send one domain to
get whitelisted
On Thu, 16 Jun 2011, Adam Moffett wrote:
They were coming from different IP's, but they were all in the same /23:
Inmotion, Inc. INMOTION-173-245-203-0-23 (NET-173-245-204-0-1) 173.245.204.0
- 173.245.205.255
Sounds like a stellar candidate for TCP tarpitting.
--
John Hardin KA7OHZ
Cédric Jeanneret wrote:
> Hello,
>
> I just read that SARE shouldn't be used anymore[1] (note maintained
> anymore, and many false-positives reported) Is that true? If so,
> which list can you suggest? For now, I don't have any problem with
> FPs, but...
See Warren Togami's page at:
http:
Am 16.06.2011 17:37, schrieb Michelle Konzack:
> Hello *,
>
> since some days my servers are hit by 50.000-80.000 Spams a day and for
> some minutes they have spamed today 18 accounts out of 98.000 with MORE then
> 100.000 spams.
>
> All spams coming from the same network:
>
> xxx.root.sta
tine spam
-da25d90871b51f12e9de15bd5c5192cc-20110616-025538-11055-315
(spam-quarantine)
I have a few thousand as well, and none have appeared to not be tagged
properly. I've also now blocked the /23 at the SMTP level.
Regards,
Dave
On Thu, 16 Jun 2011 08:05:53 -0700 (PDT)
raiden031 wrote:
>
> header FH_FROMEML_NOTLD From:addr !~ /\./ [if-unset: f...@bar.com]
> describe FH_FROM_EML_NOTLD E-mail address doesn't have TLD (.com,
> etc.)
>
> For instance, could someone explain how the above rule works? It
> looks like to me
That's interesting.
I'm pretty sure one of my users was getting those same emails. One user
out of several thousand, but she was getting hundreds of messages per day.
They were coming from different IP's, but they were all in the same /23:
Inmotion, Inc. INMOTION-173-245-203-0-23 (NET-173-245
Ok thanks all, I didn't realize the 'm' thing was part of Perl regex. I
came from using java regular expressions where I don't deal with the '/' and
'm' characters.
Bowie Bailey wrote:
>
> On 6/16/2011 11:05 AM, raiden031 wrote:
>> So I'm trying to understand the spamAssassin rules, and I f
On 6/16/2011 11:05 AM, raiden031 wrote:
> So I'm trying to understand the spamAssassin rules, and I found a couple of
> things that don't make sense about the rules I downloaded.
SpamAssassin uses Perl regular expressions. For more info, look that up
on Google and you should be able to find plent
Hello *,
since some days my servers are hit by 50.000-80.000 Spams a day and for
some minutes they have spamed today 18 accounts out of 98.000 with MORE then
100.000 spams.
All spams coming from the same network:
xxx.root.static.coolserver.info
xxx.root.static.starsweet.info
where xxx ch
On Thu, 2011-06-16 at 08:05 -0700, raiden031 wrote:
> So I'm trying to understand the spamAssassin rules, and I found a couple of
> things that don't make sense about the rules I downloaded.
>
Everything you're puzzled about are standard Perl regular expression
syntax: to understand and write SA r
So I'm trying to understand the spamAssassin rules, and I found a couple of
things that don't make sense about the rules I downloaded.
1) Some of the header, body, and uri rules have regular expressions that are
not enclosed in '/' (ie. /pattern/i ). Instead they are enclosed with 'm'
followed b
Started getting these:
Issuing rollback() due to DESTROY without explicit disconnect() of
DBD::mysql::db
Not sure what I'm doing wrong.
Thanks in advance.
--
Marc Perkel - Sales/Support
supp...@junkemailfilter.com
http://www.junkemailfilter.com
Junk Email Filter dot com
415-992-3400
Hi,
I increased bayes_expiry_max_db_size value.
Thanks you.
-Ibrahim
On Wed, Jun 15, 2011 at 10:44 PM, RW wrote:
> On Wed, 15 Jun 2011 19:21:44 +0300
> Ibrahim Harrani wrote:
>
>> I have a old bayes db which was taken with sa-learn --backup. If I
>> restore this db with sa-learn --restore the
On 2011-06-16 9:44, Cédric Jeanneret wrote:
Hello,
I just read that SARE shouldn't be used anymore[1] (note maintained
anymore, and many false-positives reported) Is that true?
Yes.. 100% true.
>If so, which list can you suggest? For now, I don't have any problem
with FPs,
but...
the
Hello,
I just read that SARE shouldn't be used anymore[1] (note maintained
anymore, and many false-positives reported) Is that true? If so,
which list can you suggest? For now, I don't have any problem with FPs,
but...
Cheers,
C.
[1]
http://mail-archives.apache.org/mod_mbox/spamassas
20 matches
Mail list logo
