Re: Is this how this is supposed to work?

2014-07-24 Thread Karsten Bräckelmann
On Fri, 2014-07-25 at 03:16 +, Greg Ledford wrote: > Good point. I'll post all of the headers and see if anyone has any tips. Read inline-comments in the headers bottom up. And finally, Microsoft SMTP seems to have got the message from Postfix. > Received: from smtp.phhwtechnology.com (10.0

RE: Is this how this is supposed to work?

2014-07-24 Thread Greg Ledford
Good point. I'll post all of the headers and see if anyone has any tips. Received: from smtp.phhwtechnology.com (10.0.1.7) by mail.phhwtechnology.com (10.0.1.5) with Microsoft SMTP Server id 14.3.195.1; Thu, 24 Jul 2014 18:11:18 -0500 Received: from localhost (localhost [127.0.0.1]) by s

Re: Alternate method to check for rule updates?

2014-07-24 Thread Karsten Bräckelmann
On Thu, 2014-07-24 at 18:56 -0700, jdebert wrote: > On Fri, 25 Jul 2014 03:30:19 +0200 Karsten Bräckelmann wrote: > > On Thu, 2014-07-24 at 17:32 -0700, jdebert wrote: > > > Sprint, which I use for net access is hijacking DNS. > > > > What exactly do you mean hijacking? Routing NXDOMAIN to some s

Re: Alternate method to check for rule updates?

2014-07-24 Thread Dave Warren
On 2014-07-24 18:56, jdebert wrote: On Fri, 25 Jul 2014 03:30:19 +0200 Karsten Bräckelmann wrote: On Thu, 2014-07-24 at 17:32 -0700, jdebert wrote: Sprint, which I use for net access is hijacking DNS. What exactly do you mean hijacking? Routing NXDOMAIN to some sort of advertising web-server

Re: Alternate method to check for rule updates?

2014-07-24 Thread John Hardin
On Thu, 24 Jul 2014, jdebert wrote: On Fri, 25 Jul 2014 03:30:19 +0200 Karsten Bräckelmann wrote: On Thu, 2014-07-24 at 17:32 -0700, jdebert wrote: Sprint, which I use for net access is hijacking DNS. What exactly do you mean hijacking? Routing NXDOMAIN to some sort of advertising web-serv

Re: Alternate method to check for rule updates?

2014-07-24 Thread jdebert
On Fri, 25 Jul 2014 03:30:19 +0200 Karsten Bräckelmann wrote: > On Thu, 2014-07-24 at 17:32 -0700, jdebert wrote: > > Sprint, which I use for net access is hijacking DNS. > > What exactly do you mean hijacking? Routing NXDOMAIN to some sort of > advertising web-server? Or serious packet-sniffing

Re: Alternate method to check for rule updates?

2014-07-24 Thread Karsten Bräckelmann
On Fri, 2014-07-25 at 03:30 +0200, me wrote: > On Thu, 2014-07-24 at 17:32 -0700, jdebert wrote: > > Sprint, which I use for net access is hijacking DNS. > > I cannot trust that the response received by sa-update is valid. Is > > there another method to check for updates? Let me clarify a little.

URIDNSBL check return code

2014-07-24 Thread Noel Butler
Hi, Is there a way to get the return code in the generated reports? eg: uridnssub ALT_URI bl.foo A 127.0.0.2-127.0.0.11 body ALT_URI eval:check_uridnsbl('ALT_URI') describe ALT_URI URL's domain A record listed in bl.foo ($RETRUN_CODE) score ALT_URI 3.0 tflags ALT_URI net a so if

Re: Alternate method to check for rule updates?

2014-07-24 Thread Karsten Bräckelmann
On Thu, 2014-07-24 at 17:32 -0700, jdebert wrote: > Sprint, which I use for net access is hijacking DNS. What exactly do you mean hijacking? Routing NXDOMAIN to some sort of advertising web-server? Or serious packet-sniffing tampering with *any* DNS query crossing their hardware? > I cannot trust

Re: Alternate method to check for rule updates?

2014-07-24 Thread John Hardin
On Thu, 24 Jul 2014, jdebert wrote: BTW, 1609892 is being given as the current version. It's been at this version for at least a few days. Masscheck corpora are starved at the moment. It's being analyzed. -- John Hardin KA7OHZ http://www.impsec.org/~jhardin/ jhar...@impse

Alternate method to check for rule updates?

2014-07-24 Thread jdebert
Sprint, which I use for net access is hijacking DNS. I cannot trust that the response received by sa-update is valid. Is there another method to check for updates? BTW, 1609892 is being given as the current version. It's been at this version for at least a few days. jd

Re: Is this how this is supposed to work?

2014-07-24 Thread Karsten Bräckelmann
On Thu, 2014-07-24 at 22:33 +, Greg Ledford wrote: > Sorry about that. I'm new to this list, too. Don't worry. I simply pointed it out so with further discussion, everyone is on the same page. After all, there are more helpful folks on this list -- and quite a few of them way better at Postfix

Re: More text/plain questions

2014-07-24 Thread Philip Prindeville
On Jul 24, 2014, at 4:48 PM, Amir 'CG' Caspi wrote: > On 2014-07-24 16:11, Philip Prindeville wrote: > >> You might have a shorter wait if you move to CentOS 6.5 instead. > I would, but the VPS software I'm using does not run on CentOS 6.x, only 5.x. > It's rather old software and I should co

Re: More text/plain questions

2014-07-24 Thread Amir 'CG' Caspi
On 2014-07-24 16:11, Philip Prindeville wrote: > You might have a shorter wait if you move to CentOS 6.5 instead. I would, but the VPS software I'm using does not run on CentOS 6.x, only 5.x. It's rather old software and I should convert to something else, but it's not worth the time I don't

RE: Is this how this is supposed to work?

2014-07-24 Thread Greg Ledford
Sorry about that. I'm new to this list, too. It helps if I actually add content_filter to postfix, I guess. This is all I'm seeing in the headers at this point so it seems like I've got ONE part of it working. Does this look like it's a start? Also my MX records are fine. I just removed them fro

Re: More text/plain questions

2014-07-24 Thread Philip Prindeville
On Jul 23, 2014, at 1:21 PM, Amir 'CG' Caspi wrote: > On 2014-07-23 13:14, Axb wrote: >> doesn't your VPS offer you shell access? >> if yes, uninstall the SA rpm stuff and install SA 3.4 from source/trunk. > > I think I didn't explain properly. I'm running the dedicated server on which > ther

Re: More text/plain questions

2014-07-24 Thread Philip Prindeville
On Jul 23, 2014, at 12:54 PM, Amir 'CG' Caspi wrote: >> >> Hope the patches above get pushed into production > Indeed, though I'm still running SA v3.3.x ... I'm on a CentOS 5.10 platform > and, because it's of the virtual-hosting control panel I use, I need my > software distributed in RPMs.

Re: More text/plain questions

2014-07-24 Thread Philip Prindeville
On Jul 23, 2014, at 11:45 AM, Amir 'CG' Caspi wrote: > On 2014-07-02 15:04, Amir Caspi wrote: >> For what it's worth, I just received a spam that basically is the same >> as what Philip complained about. I've posted a spample here: >> http://pastebin.com/Y2YGwL49 > [...] >> I'm wondering if we

Re: Is this how this is supposed to work?

2014-07-24 Thread Karsten Bräckelmann
On Thu, 2014-07-24 at 21:43 +, Greg Ledford wrote: > So it looks like SA and Amavis are being totally bypassed? Yes, there should be a few X-Spam-* headers added by SA or Amavis above the pasted ones. And of course there should be a Received header by postfix. Since you didn't mention it in

Re: Is this how this is supposed to work?

2014-07-24 Thread Karsten Bräckelmann
On Thu, 2014-07-24 at 18:34 +, Greg Ledford wrote: > Not sure if I’m asking the right group but being new to all of this, > it seems like a good place to start. A little about my setup. I wanted > to build a front-end filter for my Exchange server so I put together > Postfix-Spamassassin-Amavis

Is this how this is supposed to work?

2014-07-24 Thread Greg Ledford
Not sure if I'm asking the right group but being new to all of this, it seems like a good place to start. A little about my setup. I wanted to build a front-end filter for my Exchange server so I put together Postfix-Spamassassin-Amavis and tied in DCC, pyzor, and razor. I'm tailing the mail.lo

Re: Filters Don't Seem to Be Learning [SOLVED]

2014-07-24 Thread Asai
On Wed, 2014-07-23 at 14:34 -0700, Asai wrote: The mail server is running as a different user than amavis, so I ran this under the amavis user: 0.000 0 3 0 non-token data: bayes db version 0.000 0624 0 non-token data: nspam 0.000 0

Re: Adding header depending on _SCORE_ and settings UserPref

2014-07-24 Thread Adi
Hello Thanks for answer. >> Not yet. if I'm not mistaken amavis is working in delivery time not >> SMTP time? > > AFAIK, it can run in pre-queue mode too. Surely when running as milter. > and IIRC it runs at SMTP time by default. For now I'll leave "my" solution with exec spamc in Exim's transp

Re: Adding header depending on _SCORE_ and settings UserPref

2014-07-24 Thread Matus UHLAR - fantomas
Have you tried the amavis/sa-exim way? On 20.07.14 15:22, Adi wrote: Not yet. if I'm not mistaken amavis is working in delivery time not SMTP time? AFAIK, it can run in pre-queue mode too. Surely when running as milter. and IIRC it runs at SMTP time by default. Some my configuration is base

Re: Somewhat OT - how do I whitelist a host which is in a DNSBL in sendmail?

2014-07-24 Thread Thomas Cameron
On 07/24/2014 10:37 AM, Dave Funk wrote: > > Thomas. > Do you have 'MSA' port enabled for your sendmail? (IE port 567) and > SMTP-AUTH? Then just skip the dnsbl checks for auth'ed mail submissions. > You could whitelist your client IP address in your 'access' file but > what happens when that addr

Re: Somewhat OT - how do I whitelist a host which is in a DNSBL in sendmail?

2014-07-24 Thread Dave Funk
On Thu, 24 Jul 2014, Thomas Cameron wrote: Howdy - I have two VMs at Digital Ocean, one on the east coast, one on the west. I'm running Sendmail-8.14.8-2.fc20.x86_64. I have several DNSBLs listed: FEATURE(`dnsbl',`in.dnsbl.org ')dnl FEATURE(`dnsbl',`sbl-xbl.spamhaus.org')dnl FEATURE(`dnsbl',`

Re: Individual pre learning - Bayes in SQL

2014-07-24 Thread RW
On Thu, 24 Jul 2014 09:32:35 +0200 Adi wrote: > Hello > > 13 and 15 is new account received only one email: > > Why both account have token_count ~ 360 ? > Not 1? whether these tokens are inherited? A token is a word or some piece of derived data. It just means that that email contained 360 of

Re: Somewhat OT - how do I whitelist a host which is in a DNSBL in sendmail?

2014-07-24 Thread Karsten Bräckelmann
s/somewhat// # ;) On Thu, 2014-07-24 at 09:58 -0500, Thomas Cameron wrote: > I'm running Sendmail-8.14.8-2.fc20.x86_64. I have several DNSBLs listed: > > FEATURE(`dnsbl',`in.dnsbl.org ')dnl > FEATURE(`dnsbl',`sbl-xbl.spamhaus.org')dnl > FEATURE(`dnsbl',`cbl.abuseat.org')dnl > FEATURE(`dnsbl',`du

Re: Somewhat OT - how do I whitelist a host which is in a DNSBL in sendmail?

2014-07-24 Thread Thomas Cameron
On 07/24/2014 09:58 AM, Thomas Cameron wrote: > Howdy - > > I have two VMs at Digital Ocean, one on the east coast, one on the west. > > I'm running Sendmail-8.14.8-2.fc20.x86_64. I have several DNSBLs listed: > > FEATURE(`dnsbl',`in.dnsbl.org ')dnl > FEATURE(`dnsbl',`sbl-xbl.spamhaus.org')dnl >

Somewhat OT - how do I whitelist a host which is in a DNSBL in sendmail?

2014-07-24 Thread Thomas Cameron
Howdy - I have two VMs at Digital Ocean, one on the east coast, one on the west. I'm running Sendmail-8.14.8-2.fc20.x86_64. I have several DNSBLs listed: FEATURE(`dnsbl',`in.dnsbl.org ')dnl FEATURE(`dnsbl',`sbl-xbl.spamhaus.org')dnl FEATURE(`dnsbl',`cbl.abuseat.org')dnl FEATURE(`dnsbl',`dul.dnsb

Individual pre learning - Bayes in SQL

2014-07-24 Thread Adi
Hello I have Bayes in SQL for each user (emails) on test server. SA is triggered by /usr/local/bin/spamc -U /var/run/spamd/spamd.socket -u $local_part@$domain I looked at the results in database and have doubts. select * from bayes_vars; id | username| spam_count | ham_count | token_count 1