Hi Alex!
Actually, that's a Snowshoe IP.
Which, on balance, can be a good thing, slaying-wise. :)
Almost four years ago, I posted my approach to snowshoe slaying:
http://mail-archives.apache.org/mod_mbox/spamassassin-users/200902.mbox/%3c20090204.0...@iowahoneypot.com%3e
It has cont
On Fri, 30 Nov 2012, Kevin A. McGrail wrote:
Adding to the mix, I see a LOT of phishing attempts with Scan from XYZ...
There's also malware distributed that way.
Can anybody provide me (offlist!) the headers from a _legitimate_
scan-to-email from an HP and/or Xerox scanner (both are wanted)?
On Fri, 30 Nov 2012, Alexandre Boyer wrote:
As a Mailer agent, I also spotted the Xerox Workcenter to have a dirty
bahavior.
As I had the very same problem as Kris, I personnaly did not disabled
those rules but builded some metas based on X-Mailer and Subject tests:
header __AJB_HAS_XER
On 11/30/2012 10:03 AM, petr.r...@bmt.cz wrote:
Product: Spamassassin
Component: spamd
Version: 3.4.0
OS: Ubuntu 10.04
When I do not use escape, so everything works.
example
OPTIONS="--create-prefs --max-children 2 --username spamd -H ${SAHOME} -s $
{SAHOME}spamd.log -x -D
--virtual-config-dir
Alexandre Boyer wrote:
> Take care with Xerox versions, it just changed.
Yeah, your meta is probably better for general use.
I disabled most of the cluster outright because while they're hitting a
decent percentage of mail, they're not making the difference between ham
and spam very often... and
Take care with Xerox versions, it just changed.
I mentioned this in my reply to Kris.
I do not trust PHP Mailers, as PHP is wrong by design.
Alex, from prypiat.
Yes, I recycle.
On 12-11-30 10:17 AM, Kris Deugau wrote:
> John Hardin wrote:
>> On Thu, 29 Nov 2012, Kris Deugau wrote:
>>
>>> I've
John Hardin wrote:
> On Thu, 29 Nov 2012, Kris Deugau wrote:
>
>> I've just had another couple of reports of false positives due to hits
>> on one or more of the FROM_MISSP_* rules.
>>
>> Curious coincidence: Almost all of the reports to date have involved
>> webform email for real estate compani
Hi Kevin,
You are right, and by a lot I know what you mean, I see them too :-)
But rare are the one that fake the X-Mailer header. I can't remind
seeing one in fact.
Note: I corrected my __AJB_HAS_XEROX this very morning to:
header __AJB_MAILER_XEROX X-Mailer =~ /^WorkCentre .{3,6}/
I
Hallo!
Product: Spamassassin
Component: spamd
Version: 3.4.0
OS: Ubuntu 10.04
When I do not use escape, so everything works.
example
OPTIONS="--create-prefs --max-children 2 --username spamd -H ${SAHOME} -s $
{SAHOME}spamd.log -x -D
--virtual-config-dir=/var/log/spamassassin/users/frimlik.cz/z
On 11/30/2012 8:15 AM, Alexandre Boyer wrote:
As a Mailer agent, I also spotted the Xerox Workcenter to have a dirty
bahavior.
As I had the very same problem as Kris, I personnaly did not disabled
those rules but builded some metas based on X-Mailer and Subject tests:
header __AJB_HA
As a Mailer agent, I also spotted the Xerox Workcenter to have a dirty
bahavior.
As I had the very same problem as Kris, I personnaly did not disabled
those rules but builded some metas based on X-Mailer and Subject tests:
header __AJB_HAS_XEROXX-Mailer =~ /WorkCentre \d{3,5}/
hea
11 matches
Mail list logo
