>>> On 8/19/2013 at 6:54 PM, John Hardin wrote:
> On Mon, 19 Aug 2013, Joe Acquisto-j4 wrote:
>
>> So, I have this in my /etc/mail/spamassassin/local.cf:
>>
>> score RP_MATCHES_RCVD 0
>>
>> Yet, even after restart of spamd, mail comes thru with a -2.8.
>
> I assume you mean by that, RP_MATCHES_R
On Mon, 19 Aug 2013, Joe Acquisto-j4 wrote:
So, I have this in my /etc/mail/spamassassin/local.cf:
score RP_MATCHES_RCVD 0
Yet, even after restart of spamd, mail comes thru with a -2.8.
I assume you mean by that, RP_MATCHES_RCVD is still hitting and scoring
points?
What should I look at?
So, I have this in my /etc/mail/spamassassin/local.cf:
score RP_MATCHES_RCVD 0
Yet, even after restart of spamd, mail comes thru with a -2.8.
What should I look at?
I know other stuff is read as I changed trusted and local network IP's and had
a typo in one. lint called me out on it.
joe a
Hi all,
I just registered to be able to post this. I have a working solution for
learning with sa-learn messages placed into a special folders by exchange
2013 users.
This works for me as I have a small number of users (this is a family
server) but might be adapted to more corporate infrastructur
On Mon, 19 Aug 2013, Catalin Constantin wrote:
Hello,
Is there any setting in spamassassin to make it NOT add the X-Spam headers
for mails which are originating from trusted ips (listed in
trusted_networks) ?
Bear in mind, trusted networks is "trusted to not forge Received:
headers", not "tr
On Mon, 19 Aug 2013, David F. Skoll wrote:
On Mon, 19 Aug 2013 08:36:14 -0700 (PDT)
John Hardin wrote:
[...]
In addition, tarpitting is at least partly intended to help *others*,
by getting the attacker stuck before it moves on to the next target.
OK; I guess it's just a difference in mind
Hello,
Is there any setting in spamassassin to make it NOT add the X-Spam headers
for mails which are originating from trusted ips (listed in
trusted_networks) ?
Thanks!
On Mon, 19 Aug 2013 08:36:14 -0700 (PDT)
John Hardin wrote:
[...]
> In addition, tarpitting is at least partly intended to help *others*,
> by getting the attacker stuck before it moves on to the next target.
OK; I guess it's just a difference in mindset. I approach the problem
with the follow
On Mon, 19 Aug 2013, David F. Skoll wrote:
On Mon, 19 Aug 2013 07:52:15 -0700 (PDT)
John Hardin wrote:
Have you considered TCP Tarpitting instead of just blocking them?
Blocking them doesn't actually *punish* them. Getting their MTAs
*stuck* for hours or days does.
IMO, tarpitting is usele
>It seems to me that greylisting and TCP tarpitting catch both sides of the
>problem. Greylisting blocks junk from the single-attempt zombies, and TCP
>tarpitting will catch the ones who are persistent offenders.
Maybe, probably not. Modern MTAs, even the ones that are not
spambots, can run hun
On 8/19/2013 7:31 AM, John Hardin wrote:
On Sun, 18 Aug 2013, Len Conrad wrote:
Came up with a cool trick that seems to be working well after
running for several months.
I do the same by harvesting the IPs that fail SMTP AUTH a number of
times, and then if more than a number of IPs in a Cla
On Mon, 19 Aug 2013 07:52:15 -0700 (PDT)
John Hardin wrote:
> >> Have you considered TCP Tarpitting instead of just blocking them?
> >> Blocking them doesn't actually *punish* them. Getting their MTAs
> >> *stuck* for hours or days does.
> > IMO, tarpitting is useless. When you have hundreds, t
On Mon, 19 Aug 2013, David F. Skoll wrote:
On Mon, 19 Aug 2013 07:31:33 -0700 (PDT)
John Hardin wrote:
Have you considered TCP Tarpitting instead of just blocking them?
Blocking them doesn't actually *punish* them. Getting their MTAs
*stuck* for hours or days does.
IMO, tarpitting is use
On Mon, 19 Aug 2013 07:31:33 -0700 (PDT)
John Hardin wrote:
> Have you considered TCP Tarpitting instead of just blocking them?
> Blocking them doesn't actually *punish* them. Getting their MTAs
> *stuck* for hours or days does.
IMO, tarpitting is useless. When you have hundreds, thousands or
On Sun, 18 Aug 2013, Len Conrad wrote:
Came up with a cool trick that seems to be working well after running for
several months.
I do the same by harvesting the IPs that fail SMTP AUTH a number of
times, and then if more than a number of IPs in a ClassC, I block the
entire ClassC.
I do th
15 matches
Mail list logo
