Am 12.02.2015 23:44, schrieb Benny Pedersen:
On 12. feb. 2015 22.25.10 Alex Regan wrote:
http://pastebin.com/C0YTr3Wn
I've added the IP range and sender to local blocklists. Can you
suggest
any other possibilities for blocking these?
meta DKIM_ADSP_ALL (3) (3) (3) (3)
simple and neat im
> On 12 Feb 2015, at 19:05 , David B Funk wrote:
>
> On Thu, 12 Feb 2015, LuKreme wrote:
>
>> An email from the New York times daily headlines service is hitting Bayes_99
>> and Bayes_999
>>
>> pts rule name description
>> --
>> -
> On Feb 12, 2015, at 14.09, Kevin A. McGrail wrote:
>
> On 2/11/2015 7:25 PM, listsb-spamassas...@bitrate.net wrote:
>> i hope another solicitation for this help request is ok.
>
> It's ok.
>
> Overall, I agree. I tested on a devel box and running sa-compile does have
> an rm line but did l
On Thu, 12 Feb 2015, LuKreme wrote:
An email from the New York times daily headlines service is hitting Bayes_99
and Bayes_999
pts rule name description
-- --
4.0 BAYES_99 BODY: Bayes spam proba
On Thu, 12 Feb 2015, LuKreme wrote:
On 12 Feb 2015, at 17:58 , Dave Pooser wrote:
On 2/12/15, 6:48 PM, "Alex Regan" wrote:
So shouldn't there be a rule for a rule that claims to come from Amazon
but does not pass through any of its servers?
I have a series of rules like:
whitelist_auth *@
On 12 Feb 2015, at 17:58 , Dave Pooser wrote:
> On 2/12/15, 6:48 PM, "Alex Regan" wrote:
>
>> So shouldn't there be a rule for a rule that claims to come from Amazon
>> but does not pass through any of its servers?
>
> I have a series of rules like:
>
> whitelist_auth *@bankofamerica.com
> blac
An email from the New York times daily headlines service is hitting Bayes_99
and Bayes_999
pts rule name description
-- --
4.0 BAYES_99 BODY: Bayes spam probability is 99 to 100%
On 2/12/15, 6:48 PM, "Alex Regan" wrote:
>So shouldn't there be a rule for a rule that claims to come from Amazon
>but does not pass through any of its servers?
I have a series of rules like:
whitelist_auth *@bankofamerica.com
blacklist_from *@bankofamerica.com
So any bankofamerica.com address
Hi,
4.0 LOTS_OF_MONEY Huge... sums of money
Ugh, my update of 72_scores.cf (this morning at 5am) shows:
score LOTS_OF_MONEY 0.001 0.010 0.001 0.010
Were there a lot of recent FPs with this rule that it's been disabled,
basically?
No, by itself it's intended as informative.
On Thu, 12 Feb 2015, Alex Regan wrote:
4.0 LOTS_OF_MONEY Huge... sums of money
Ugh, my update of 72_scores.cf (this morning at 5am) shows:
score LOTS_OF_MONEY 0.001 0.010 0.001 0.010
Were there a lot of recent FPs with this rule that it's been disabled,
basically?
No, by i
On Thu, 12 Feb 2015 14:09:00 -0500
Kevin A. McGrail wrote:
> On 2/11/2015 7:25 PM, listsb-spamassas...@bitrate.net wrote:
> > i hope another solicitation for this help request is ok.
>
> It's ok.
>
> Overall, I agree. I tested on a devel box and running sa-compile
> does have an rm line but did
On 12. feb. 2015 22.25.10 Alex Regan wrote:
http://pastebin.com/C0YTr3Wn
I've added the IP range and sender to local blocklists. Can you suggest
any other possibilities for blocking these?
meta DKIM_ADSP_ALL (3) (3) (3) (3)
simple and neat imho
Hi,
-2.0 BAYES_00 BODY: Bayes spam probability is 0 to 1%
Interesting that yours also hit bayes00.
4.0 LOTS_OF_MONEY Huge... sums of money
Ugh, my update of 72_scores.cf (this morning at 5am) shows:
score LOTS_OF_MONEY 0.001 0.010 0.001 0.010
Were there a lot
Content analysis details: (5.1 points, 5.0 required)
pts rule name description
-- --
-2.0 SPF_HELO_PASS SPF: HELO matches SPF record
0.8 DKIM_ADSP_ALL No valid author signature, domain sign
Hi,
I was hoping someone could help me analyze this possible phishing scam:
http://pastebin.com/C0YTr3Wn
It hit bayes00 for me, which is obviously a problem, but the body looks
to be from an actual amazon email with the exception of a Word document
attachment, so is it all that unusual for it
On 12. feb. 2015 20.17.44 Dave Warren wrote:
However, using a DMARC "quarantine" or "reject" policy causes breakage
when users attempt to participate in discussion based mailing lists, or
other systems which modify messages (adding subject tags, adding
footers, removing existing signatures), so
On 2015-02-12 11:27, Martin Gregorie wrote:
On Thu, 2015-02-12 at 15:07 -0400, francis picabia wrote:
SPF works as designed. Forget SPF.
Quite: the only real use for SPF is to prevent you inadvertently
spraying innocent people with backscatter. If the sender has been forged
by a spammer and y
On Thu, 2015-02-12 at 15:07 -0400, francis picabia wrote:
> SPF works as designed. Forget SPF.
>
Quite: the only real use for SPF is to prevent you inadvertently
spraying innocent people with backscatter. If the sender has been forged
by a spammer and your MTA can't deliver it (usually because the
On 2015-02-12 08:17, francis picabia wrote:
Our spamassassin 3.3.1 is marking email with tags like and
SPF_SOFTFAIL and SPF_FAIL, as long as the sender info
is failing the SPF test. But if the sender passes the test
and the From: address is from our domain, then there
are no SPF tags appearing.
On 2/11/2015 7:25 PM, listsb-spamassas...@bitrate.net wrote:
i hope another solicitation for this help request is ok.
It's ok.
Overall, I agree. I tested on a devel box and running sa-compile does
have an rm line but did leave these files listed below.
Because /tmp is a considered auto cle
On Thu, Feb 12, 2015 at 1:46 PM, Benny Pedersen wrote:
> On 12. feb. 2015 17.40.13 "Kevin A. McGrail" wrote:
>
>> Spf deals with the envelope sender not the from address.
>
>
> envelope_sender_header From
>
> bad example to follow, it not really a spf question, sender-id is the
> untrusted versio
On 12. feb. 2015 17.40.13 "Kevin A. McGrail" wrote:
Spf deals with the envelope sender not the from address.
envelope_sender_header From
bad example to follow, it not really a spf question, sender-id is the
untrusted version of dkim
current dmarc rfc have design faults :(
Am 12.02.2015 um 17:58 schrieb francis picabia:
On Thu, Feb 12, 2015 at 12:33 PM, Kevin A. McGrail wrote:
Spf deals with the envelope sender not the from address.
Beyond that it, you might find dkim to be a better solution to prevent
others spoofing your domain.
Thanks for the reply. Has a
On Thu, Feb 12, 2015 at 12:33 PM, Kevin A. McGrail wrote:
> Spf deals with the envelope sender not the from address.
>
> Beyond that it, you might find dkim to be a better solution to prevent
> others spoofing your domain.
> Regards,
> KAM
>
Thanks for the reply. Has anyone tried a test like the
Am 12.02.2015 um 17:17 schrieb francis picabia:
Our spamassassin 3.3.1 is marking email with tags like and
SPF_SOFTFAIL and SPF_FAIL, as long as the sender info
is failing the SPF test. But if the sender passes the test
and the From: address is from our domain, then there
are no SPF tags appear
Spf deals with the envelope sender not the from address.
Beyond that it, you might find dkim to be a better solution to prevent others
spoofing your domain.
Regards,
KAM
On February 12, 2015 11:17:38 AM EST, francis picabia
wrote:
>Our spamassassin 3.3.1 is marking email with tags like and
>
Our spamassassin 3.3.1 is marking email with tags like and
SPF_SOFTFAIL and SPF_FAIL, as long as the sender info
is failing the SPF test. But if the sender passes the test
and the From: address is from our domain, then there
are no SPF tags appearing.
The risk is that users don't look at the send
On Tue, 10 Feb 2015, Rajesh M wrote:
now i need to set a rule such that u...@abc.com can receive emails
only from specific external domains and rest all should be rejected
On 11.02.15 10:47, Lucio Chiappetti wrote:
To me this seems a task for procmail.
On Wed, 11 Feb 2015, Matus UHLAR - fa
On Wed, 11 Feb 2015, Matus UHLAR - fantomas wrote:
On Tue, 10 Feb 2015, Rajesh M wrote:
now i need to set a rule such that u...@abc.com can receive emails
only from specific external domains and rest all should be rejected
On 11.02.15 10:47, Lucio Chiappetti wrote:
To me this seems a task
29 matches
Mail list logo
