Martin Gregorie writes:
> On Wed, 2015-09-02 at 14:12 +0200, Axb wrote:
>
>> afaik, there is no code freely available to [recode the Malware
>> Patrol rules], on server or client side.
>>
> ...the translation is easy to do with a simple awk script. Something
> like this:
>
> #!/bin/bash
> awk '
On 02/09/15 10:10, Sujit Acharyya-choudhury wrote:
It seems from the web site, one can use ClamAV and SaneSecurity to add extra
signatures. Would it not be more efficient?
http://sanesecurity.com/usage/signatures/
Second!
--
Paul Stead
Systems Engineer
Zen Internet
On Wed, 2 Sep 2015, Axb wrote:
On 09/02/15 16:12, John Hardin wrote:
On Wed, 2 Sep 2015, Olivier Nicole wrote:
> Malware Patrol (malwarepatrol.net) has a file with over 100,000 rules of
> the form:
>
> body MBL_2931645/files\.oqayiq\.biz\/javasoft\/different\//i
>
> This causes
Am 02.09.2015 um 17:40 schrieb Dave Pooser:
(Sorry for the double post if you saw this message on SDLU as well.)
I just had a Spamassassin FP that hit
URIBL_SBL Contains an URL's NS IP listed in the SBL blocklist
[URIs: www.alfordmedia.com]
Doing a w
(Sorry for the double post if you saw this message on SDLU as well.)
I just had a Spamassassin FP that hit
URIBL_SBL Contains an URL's NS IP listed in the SBL blocklist
[URIs: www.alfordmedia.com]
Doing a whois on alfordmedia.com shows that name services
On 09/02/15 16:12, John Hardin wrote:
On Wed, 2 Sep 2015, Olivier Nicole wrote:
Malware Patrol (malwarepatrol.net) has a file with over 100,000 rules of
the form:
body MBL_2931645/files\.oqayiq\.biz\/javasoft\/different\//i
This causes spamassassin --lint to never terminate (well, I k
On Wed, 2 Sep 2015, Olivier Nicole wrote:
Malware Patrol (malwarepatrol.net) has a file with over 100,000 rules of
the form:
body MBL_2931645/files\.oqayiq\.biz\/javasoft\/different\//i
This causes spamassassin --lint to never terminate (well, I killed it
afetr one hour).
I w
On 09/02/15 15:48, Martin Gregorie wrote:
On Wed, 2015-09-02 at 14:12 +0200, Axb wrote:
afaik, there is no code freely available to [recode the Malware
Patrol rules], on server or client side.
...the translation is easy to do with a simple awk script. Something
like this:
#!/bin/bash
awk '
On Wed, 2015-09-02 at 14:12 +0200, Axb wrote:
> afaik, there is no code freely available to [recode the Malware
> Patrol rules], on server or client side.
>
...the translation is easy to do with a simple awk script. Something
like this:
#!/bin/bash
awk '
/body/ { url = substr($3,2);
On 09/02/15 11:21, Olivier Nicole wrote:
Axb writes:
On 09/02/15 09:51, Olivier Nicole wrote:
Hi,
I am looking at malware patrol, but they offer a list of over 300,000
rules, that is way too big.
So I was considering using it in a URIDNSBL type of way, but including
the full URL, not only t
Dear Harald,
you solved my problem.
Thank you very much,
—Carlo
> On 02 Sep 2015, at 12:12, Reindl Harald wrote:
>
>
>
> Am 02.09.2015 um 12:08 schrieb Carlo Manuali:
>> I use “reject_unknown_sender_domain” as one of smtpd_recipient_restrictions.
>> What I do not understand is why only when u
Am 02.09.2015 um 12:08 schrieb Carlo Manuali:
I use “reject_unknown_sender_domain” as one of smtpd_recipient_restrictions.
What I do not understand is why only when use -o content_filter=spamassassin
this turn in the mentioned error; the transaction log (in the following line
@domain.eu is t
I use “reject_unknown_sender_domain” as one of smtpd_recipient_restrictions.
What I do not understand is why only when use -o content_filter=spamassassin
this turn in the mentioned error; the transaction log (in the following line
@domain.eu is the SMTP server domain) is very simple:
postfix/sm
On 9/2/2015 5:50 AM, Carlo Manuali wrote:
So, I suppose a SpamAssassin related problem. Can I provide other useful
information?
Or a configuration issue with postfix. Nothing jumps out to me as
obvious and you are on the same track I would be removing the content
filter and adding back.
Mig
"NOQUEUE: reject: RCPT from unknown Sender address rejected: Domain not
found" is clearly Postfix and "reject_unknown_sender_domain" while you
should post *all* loglines for that transaction and not just one
stripped line
Am 02.09.2015 um 11:50 schrieb Carlo Manuali:
Hi,
I tried different se
Hi,
I tried different senders and I always receive the same error. More of this, if
I change back:
#smtp inet n - n - - smtpd
smtpinet n - - - - smtpd -o
content_filter=spamassassin
to
smtpinet n
On 9/2/2015 5:34 AM, Carlo Manuali wrote:
NOQUEUE: reject: RCPT from unknown Sender address rejected: Domain not found
Are you sure the sender domain is legit and doesn't have a misspelling?
Is DNS on the box working? I would conjecture this is much earlier in
the discussion phase with postfi
Dear all,
I have a production server which to deliver mails (btw with SSL) uses:
mailbox_command = /usr/bin/procmail -a "$EXTENSION" DEFAULT=$HOME/Maildir/
MAILDIR=$HOME/Maildir
After installing SpamAssassin (v3.3 on redhat, for which local testing is ok) I
changed:
#smtp inet n
Axb writes:
> On 09/02/15 09:51, Olivier Nicole wrote:
>> Hi,
>>
>> I am looking at malware patrol, but they offer a list of over 300,000
>> rules, that is way too big.
>>
>> So I was considering using it in a URIDNSBL type of way, but including
>> the full URL, not only the host part. It should
It seems from the web site, one can use ClamAV and SaneSecurity to add extra
signatures. Would it not be more efficient?
http://sanesecurity.com/usage/signatures/
-Original Message-
From: Axb [mailto:axb.li...@gmail.com]
Sent: 02 September 2015 09:55
To: users@spamassassin.apache.org
Sub
On 02-09-15 10:44, Reindl Harald wrote:
>
>
> Am 02.09.2015 um 10:23 schrieb Axb:
>> On 09/02/15 09:51, Olivier Nicole wrote:
>>> Hi,
>>>
>>> I am looking at malware patrol, but they offer a list of over 300,000
>>> rules, that is way too big.
>>>
>>> So I was considering using it in a URIDNSBL
On 09/02/15 10:44, Reindl Harald wrote:
Am 02.09.2015 um 10:23 schrieb Axb:
On 09/02/15 09:51, Olivier Nicole wrote:
Hi,
I am looking at malware patrol, but they offer a list of over 300,000
rules, that is way too big.
So I was considering using it in a URIDNSBL type of way, but including
t
Am 02.09.2015 um 10:23 schrieb Axb:
On 09/02/15 09:51, Olivier Nicole wrote:
Hi,
I am looking at malware patrol, but they offer a list of over 300,000
rules, that is way too big.
So I was considering using it in a URIDNSBL type of way, but including
the full URL, not only the host part. It s
On 09/02/15 09:51, Olivier Nicole wrote:
Hi,
I am looking at malware patrol, but they offer a list of over 300,000
rules, that is way too big.
So I was considering using it in a URIDNSBL type of way, but including
the full URL, not only the host part. It should be able to accept things
like foo
Hi,
I am looking at malware patrol, but they offer a list of over 300,000
rules, that is way too big.
So I was considering using it in a URIDNSBL type of way, but including
the full URL, not only the host part. It should be able to accept things
like foo.example.com:81/directory/foo?something
Do
25 matches
Mail list logo
