On 8/18/2016 8:34 PM, jdow wrote:
On 2016-08-18 17:11, RW wrote:
On Thu, 18 Aug 2016 18:14:47 -0500
Jerry Malcolm wrote:
I'm still trying to see why I'm not getting the report back. I've
gone all the way back to the source code that does the streaming of
the spamd invocation on port 783.
On 2016-08-18 17:11, RW wrote:
On Thu, 18 Aug 2016 18:14:47 -0500
Jerry Malcolm wrote:
I'm still trying to see why I'm not getting the report back. I've
gone all the way back to the source code that does the streaming of
the spamd invocation on port 783. I can't seem to find the
documentati
On Thu, 18 Aug 2016 18:14:47 -0500
Jerry Malcolm wrote:
> I'm still trying to see why I'm not getting the report back. I've
> gone all the way back to the source code that does the streaming of
> the spamd invocation on port 783. I can't seem to find the
> documentation anywhere on the format
On 8/18/2016 2:15 PM, Bowie Bailey wrote:
On 8/18/2016 3:05 PM, Jerry Malcolm wrote:
On 8/18/2016 1:45 PM, Bowie Bailey wrote:
On 8/18/2016 2:21 PM, li...@rhsoft.net wrote:
Am 18.08.2016 um 20:18 schrieb Jerry Malcolm:
This is the X-Spam-Status header I got back on an uncaught spam. No,
hit
On 8/18/2016 5:39 PM, Benny Pedersen wrote:
On 2016-08-18 21:08, Jerry Malcolm wrote:
Hmm. I do not have any forwarding statements. Is there a way via
command line (e.g. nslookup, etc) that I can determine if BIND is
recursing or forwarding? I assume that might be in the SA report
header. B
On 2016-08-18 21:08, Jerry Malcolm wrote:
Hmm. I do not have any forwarding statements. Is there a way via
command line (e.g. nslookup, etc) that I can determine if BIND is
recursing or forwarding? I assume that might be in the SA report
header. But see my previous response that I can't seem
On 2016-08-18 20:48, Jerry Malcolm wrote:
|allow-recursion { any; }; |But it lists other options such as
allow-query, allow-query-cache, etc. Is recursion the only one that
might be affecting SA? Or should I enable other options?
this is safe if you only listen to 127.0.0.1
if you use it on
On 2016-08-18 20:36, Jerry Malcolm wrote:
ok, I discovered the hidden ctrl-u fn in Tbird to show the full
source. Updated pastebin: http://pastebin.com/eRurR7Mv
DBL_SPAM: 6.50
URIBL_SBL_CSS: 6.50
URIBL_BLACK: 7.50
ABUSE_SURBL: 5.50
FUZZY_DENIED: 8.54
ONCE_RECEIVED: 0.10
DCC_BULK: 2.00
MIME_
On 18 Aug 2016, at 15:08, Jerry Malcolm wrote:
On 8/18/2016 1:50 PM, li...@rhsoft.net wrote:
Am 18.08.2016 um 20:48 schrieb Jerry Malcolm:
This is encouraging. I looked up how to set recursion in Bind. It
looks like it's just requires adding a field to the options:
|allow-recursion { any;
On 8/18/2016 3:05 PM, Jerry Malcolm wrote:
On 8/18/2016 1:45 PM, Bowie Bailey wrote:
On 8/18/2016 2:21 PM, li...@rhsoft.net wrote:
Am 18.08.2016 um 20:18 schrieb Jerry Malcolm:
This is the X-Spam-Status header I got back on an uncaught spam. No,
hits=0.3 required=5.0. The spam was selling a
On 08/18/2016 08:48 PM, Jerry Malcolm wrote:
On 8/18/2016 1:35 PM, Joe Quinn wrote:
On 8/18/2016 2:27 PM, Jerry Malcolm wrote:
I haven't figured out a way to get Thunderbird to allow me to
copy/paste the headers. But I did look at all of the headers. There
are no headers in the email with name
Am 18.08.2016 um 21:08 schrieb Jerry Malcolm:
On 8/18/2016 1:50 PM, li...@rhsoft.net wrote:
Am 18.08.2016 um 20:48 schrieb Jerry Malcolm:
This is encouraging. I looked up how to set recursion in Bind. It
looks like it's just requires adding a field to the options:
|allow-recursion { any;
On Thu, 18 Aug 2016, Jerry Malcolm wrote:
On 8/18/2016 12:16 PM, John Hardin wrote:
There are also potential DNS issues that may contribute. In addition to
describing your environment, perhaps you could post the X-Spam-Status
header from a couple of the low-scoring spams.
John,
This is t
Am 18.08.2016 um 21:05 schrieb Jerry Malcolm:
I see the local.cf file, it is already configured with 'all report'.
But I looked at a msg that was flagged a spam. It doesn't have a report
header either. I guess it's possible that the JAMES invoker mailet is
stripping the headers. But I don't
On 8/18/2016 1:50 PM, li...@rhsoft.net wrote:
Am 18.08.2016 um 20:48 schrieb Jerry Malcolm:
This is encouraging. I looked up how to set recursion in Bind. It
looks like it's just requires adding a field to the options:
|allow-recursion { any; }; |But it lists other options such as
allow-quer
On 8/18/2016 1:45 PM, Bowie Bailey wrote:
On 8/18/2016 2:21 PM, li...@rhsoft.net wrote:
Am 18.08.2016 um 20:18 schrieb Jerry Malcolm:
This is the X-Spam-Status header I got back on an uncaught spam. No,
hits=0.3 required=5.0. The spam was selling an all-in-one charger
we need the *report*
Am 18.08.2016 um 20:48 schrieb Jerry Malcolm:
This is encouraging. I looked up how to set recursion in Bind. It
looks like it's just requires adding a field to the options:
|allow-recursion { any; }; |But it lists other options such as
allow-query, allow-query-cache, etc. Is recursion the o
On 8/18/2016 1:35 PM, Joe Quinn wrote:
On 8/18/2016 2:27 PM, Jerry Malcolm wrote:
I haven't figured out a way to get Thunderbird to allow me to
copy/paste the headers. But I did look at all of the headers. There
are no headers in the email with names like you mentioned. There is
only the X-Sp
On 8/18/2016 2:21 PM, li...@rhsoft.net wrote:
Am 18.08.2016 um 20:18 schrieb Jerry Malcolm:
This is the X-Spam-Status header I got back on an uncaught spam. No,
hits=0.3 required=5.0. The spam was selling an all-in-one charger
we need the *report* header
By default, the report header is o
Am 18.08.2016 um 20:27 schrieb Jerry Malcolm:
On 8/18/2016 1:17 PM, li...@rhsoft.net wrote:
Am 18.08.2016 um 20:10 schrieb Jerry Malcolm:
Here is a pastebin.com link to an example uncaught spam message. SA
scored it a 4.7. http://pastebin.com/T1CfVgP4
useless without any headers which wou
On Thu, 18 Aug 2016, Jerry Malcolm wrote:
Thanks for the quick response. I'll try to reply with what I know. But I
purchased a package "SpamAssassin In A Box" from JAM Software.
I hate to say this, but - perhaps you should be asking JAM *first*...
Here is a pastebin.com link to an example u
On 8/18/2016 1:23 PM, Benny Pedersen wrote:
On 2016-08-18 20:10, Jerry Malcolm wrote:
Here is a pastebin.com link to an example uncaught spam message. SA
scored it a 4.7. http://pastebin.com/T1CfVgP4
MISSING_DATE: 1.00
DCC_BULK: 2.00
MISSING_TO: 2.00
MISSING_MID: 2.50
MISSING_SUBJECT: 2.00
w
On 8/18/2016 2:27 PM, Jerry Malcolm wrote:
I haven't figured out a way to get Thunderbird to allow me to
copy/paste the headers. But I did look at all of the headers. There
are no headers in the email with names like you mentioned. There is
only the X-Spam-Status header and X-Spam-Flag header
On 8/18/2016 1:17 PM, li...@rhsoft.net wrote:
Am 18.08.2016 um 20:10 schrieb Jerry Malcolm:
Here is a pastebin.com link to an example uncaught spam message. SA
scored it a 4.7. http://pastebin.com/T1CfVgP4
useless without any headers which would show the matching rules
including major mista
On 2016-08-18 20:10, Jerry Malcolm wrote:
Here is a pastebin.com link to an example uncaught spam message. SA
scored it a 4.7. http://pastebin.com/T1CfVgP4
MISSING_DATE: 1.00
DCC_BULK: 2.00
MISSING_TO: 2.00
MISSING_MID: 2.50
MISSING_SUBJECT: 2.00
was what it scored as in pastebin, rspamd test
Am 18.08.2016 um 20:18 schrieb Jerry Malcolm:
This is the X-Spam-Status header I got back on an uncaught spam. No,
hits=0.3 required=5.0. The spam was selling an all-in-one charger
we need the *report* header
What kind of DNS issues? I lease a server from Peer1 and use their name
servers.
Hi,
I truly hesitate to add to this nonsense, but I am not sure of the
quality of squidblacklist.org's blacklists when the proprietor makes
statements such as the following:
https://www.facebook.com/squidblacklist/posts/1910402539187319
"Announcement: We will be publishing a #Femism blacklist
On 2016-08-18 2:10 PM, Jerry Malcolm wrote:
Thanks for the quick response. I'll try to reply with what I know. But
I purchased a package "SpamAssassin In A Box" from JAM Software. I ran
the installer, and that's it. I'm sorry that I don't know more. But I
don't know much about the inner work
On 8/18/2016 12:16 PM, John Hardin wrote:
On Thu, 18 Aug 2016, Jerry Malcolm wrote:
I installed the latest SpamAssassin In a Box yesterday (Win Server
2008 r2). I kept all of the defaults. It is up and running. But I'm
getting a huge amount of spam, and I mean 'obvious' spam mentioning
body
Am 18.08.2016 um 20:10 schrieb Jerry Malcolm:
Here is a pastebin.com link to an example uncaught spam message. SA
scored it a 4.7. http://pastebin.com/T1CfVgP4
useless without any headers which would show the matching rules
including major mistakes like URIBL_BLOCKED
but even passing that "
Thanks for the quick response. I'll try to reply with what I know. But
I purchased a package "SpamAssassin In A Box" from JAM Software. I ran
the installer, and that's it. I'm sorry that I don't know more. But I
don't know much about the inner workings. I was just hoping it would work.
I
On Thu, 18 Aug 2016, Jerry Malcolm wrote:
I installed the latest SpamAssassin In a Box yesterday (Win Server 2008 r2).
I kept all of the defaults. It is up and running. But I'm getting a huge
amount of spam, and I mean 'obvious' spam mentioning body parts in the
subject line that are get
On 08/18/2016 06:47 PM, Jerry Malcolm wrote:
I installed the latest SpamAssassin In a Box yesterday (Win Server 2008
r2). I kept all of the defaults. It is up and running. But I'm
getting a huge amount of spam, and I mean 'obvious' spam mentioning body
parts in the subject line that are ge
On Thu, 2016-08-18 at 13:50 +, Nicola Piazzi wrote:
> Is there a way to have multiple line in a single rule ?
>
Not as far as I know.
I use long lists (e.g. selling terms or product names) to recognise
advertising spam and initially thought of writing something like an RBL
to handle such lis
I installed the latest SpamAssassin In a Box yesterday (Win Server 2008
r2). I kept all of the defaults. It is up and running. But I'm
getting a huge amount of spam, and I mean 'obvious' spam mentioning body
parts in the subject line that are getting low scores (averaging
about 15 uncaug
On Thu, 18 Aug 2016, Benjamin E. Nichols wrote:
Benjamin E. Nicholshttp://www.squidblacklist.org
1-405-397-1360
Normally I don't respond to unsubscribe requests with this comment to be
polite, but in this case you have shown you don't deserve that
consideration...
The Internet is an inte
On Thu, 18 Aug 2016 17:22:50 +0200
Benny Pedersen wrote:
> > Another good candidate for
> > http://search.cpan.org/~dskoll/Mail-ThreadKiller/
> since i use rspamd now, would it be possible to see a lua module of
> it ?
I don't know Lua. I integrate it into the LDA. This is my .procmailrc:
:
On 2016-08-18 17:06, Dianne Skoll wrote:
Another good candidate for
http://search.cpan.org/~dskoll/Mail-ThreadKiller/
since i use rspamd now, would it be possible to see a lua module of it ?
or would it work as a spamassassin plugin ?
either way thanks for make it free
On 2016-08-18 17:08, Antony Stone wrote:
or in every list msg's headers .-)
Indeed:
squirrelmail have it, i still miss it in roundcube, horde hmm ?,
thunderbird have it as a plugin, microsoft and apple dont give a damm
about it :=)
pick your own battles
On Thursday 18 August 2016 at 17:07:31, Axb wrote:
> On 08/18/2016 05:05 PM, Joe Quinn wrote:
> > On 8/18/2016 10:57 AM, Benjamin E. Nichols wrote:
> >> Benjamin E. Nichols
> >>
> >> http://www.squidblacklist.org
> >>
> >>
> >> 1-405-397-1360
> >
> > Documentation on how to unsubscribe from
On 8/18/2016 10:50 AM, Benjamin E. Nichols wrote:
> cry babies and bitches
Oh, great. Not enough to spam the list. Not enough to call someone
a bonehead. We also have to have misogynistic gendered insults.
*plonk*
Another good candidate for http://search.cpan.org/~dskoll/Mail-ThreadKiller/
On 08/18/2016 05:05 PM, Joe Quinn wrote:
On 8/18/2016 10:57 AM, Benjamin E. Nichols wrote:
Benjamin E. Nichols
http://www.squidblacklist.org
1-405-397-1360
Documentation on how to unsubscribe from the list can be found on
apache.org or in the notification you received when you first s
On 8/18/2016 10:57 AM, Benjamin E. Nichols wrote:
Benjamin E. Nichols
http://www.squidblacklist.org
1-405-397-1360
Documentation on how to unsubscribe from the list can be found on
apache.org or in the notification you received when you first subscribed.
Benjamin E. Nicholshttp://www.squidblacklist.org
1-405-397-1360
On 8/18/2016 10:50 AM, Benjamin E. Nichols wrote:
Im sorry. I thought this was an intelligent users list, if I had known
it was loaded with cry babies and bitches I would never joined.
UNSUBSCRIBE ME.
Benjamin E. Nichols
http://www.squidblacklist.org
1-405-397-1360
-- Original
On 8/18/2016 10:03 AM, Benny Pedersen wrote:
no point in spamming freee maillists so ?
Original Message
Subject: Re: New domain blacklist options available.
Date: 2016-08-18 15:46
From: "Benjamin E. Nichols"
To: Benny Pedersen
Because we dont work for free bonehead.
To pu
sure just show the source
It isnt spam, but you sir are a jerk.
you should not have posted commercial software here, hope you get my
point
no point in spamming freee maillists so ?
Original Message
Subject: Re: New domain blacklist options available.
Date: 2016-08-18 15:46
From: "Benjamin E. Nichols"
To: Benny Pedersen
Because we dont work for free bonehead.
Benjamin E. Nichols
http://www.squidblacklist.or
On 2016-08-18 14:21, Nicola Piazzi wrote:
I made a plugin that watch if someone answer us, i watch if in header
there is a reference of a message id that we sent in the past
pretty cool
So when I receive a mail from j...@cocacola.it and it have a reference I
whitelist @cocacola.it
When I rece
Is there a way to have multiple line in a single rule ?
For example :
metaOW_SENT_EMAIL ( OW_T_SENT_EMAIL && ! OW_T_REF_EMAIL &&
! OW_T_REF_FULL && ! OW_REF_THIS && OW_PASS)
Will be better :
metaOW_SENT_EMAIL ( OW_T_SENT_EMAIL
On 2016-08-18 04:39, Benjamin E. Nichols wrote:
We heard you loud and clear, you wanted our enhanced blacklists in a
similar archive/file structure as shallalist and urlblacklist for your
web filtering platform, so we finally did it! Available now to all
...
why is this posted on a free mailli
On 17.08.16 11:02, Marc Perkel wrote:
For what it's worth I have noticed that people who are familiar with
Bayesian filtering seem to have a mental block when it comes to
understanding this. People who know nothing about bayesian get it
instantly. Here's the actual formula.
card(Test_message
On 08/18/2016 02:53 PM, Bill Cole wrote:
On 18 Aug 2016, at 4:34, Nicola Piazzi wrote:
On 08/18/2016 10:20 AM, Nicola Piazzi wrote:
1)
Another thing, the date of files is # Updated 2014-09-17-axb
What is the problem with that?
Problem that now we are in 2016
so? I committed the last updat
On 18 Aug 2016, at 4:34, Nicola Piazzi wrote:
On 08/18/2016 10:20 AM, Nicola Piazzi wrote:
1)
Another thing, the date of files is # Updated 2014-09-17-axb
What is the problem with that?
Problem that now we are in 2016
so? I committed the last update in 2014.
Ok bit is very probably that fr
On Thursday 18 August 2016 at 14:21:27, Nicola Piazzi wrote:
> I made a plugin that watch if someone answer us, i watch if in header there
> is a reference of a message id that we sent in the past
>
> So when I receive a mail from j...@cocacola.it and it have a reference I
> whitelist @cocacola.i
On Thursday 18 August 2016 at 14:21:27, Nicola Piazzi wrote:
> I made a plugin that watch if someone answer us, i watch if in header there
> is a reference of a message id that we sent in the past
>
> So when I receive a mail from j...@cocacola.it and it have a reference I
> whitelist @cocacola.i
I made a plugin that watch if someone answer us, i watch if in header there is
a reference of a message id that we sent in the past
So when I receive a mail from j...@cocacola.it and it have a reference I
whitelist @cocacola.it
When I receive j...@gmail.com I whitelist just j...@gmail.com
Nic
On 2016-08-18 09:31, Nicola Piazzi wrote:
It can be very useful a dns service URIBL that tell if a domain is
public or private
If is private I can whitelist entire domain instead address by address
when I receive an ham from one
For example :
I cannot WL gmail.com if I receive a ham from j...@gma
On 08/18/2016 10:34 AM, Nicola Piazzi wrote:
> 2)
> FREEMAIL_FROM rule have description “Sender email is commonly abused enduser
mail provider”
> Is this the rule to use if I want to know if MAIL FROM is from any kind of
freemail provider ?
> If is so description must be changed to “Sender emai
OOPS! seems I borked that reply..
On 08/18/2016 10:34 AM, Nicola Piazzi wrote:
On 08/18/2016 10:20 AM, Nicola Piazzi wrote:
1)
Another thing, the date of files is # Updated 2014-09-17-axb
What is the problem with that?
Problem that now we are in 2016
so? I committed the last update in 201
On 08/18/2016 10:20 AM, Nicola Piazzi wrote:
> 1)
>>> Another thing, the date of files is # Updated 2014-09-17-axb
>> What is the problem with that?
> Problem that now we are in 2016
so? I committed the last update in 2014.
Ok bit is very probably that from 2014 a lot of new freemail services bor
On 08/18/2016 10:20 AM, Nicola Piazzi wrote:
1)
Another thing, the date of files is # Updated 2014-09-17-axb
What is the problem with that?
Problem that now we are in 2016
so? I committed the last update in 2014.
2)
FREEMAIL_FROM rule have description “Sender email is commonly abused endus
1)
>> Another thing, the date of files is # Updated 2014-09-17-axb
> What is the problem with that?
Problem that now we are in 2016
2)
FREEMAIL_FROM rule have description “Sender email is commonly abused enduser
mail provider”
Is this the rule to use if I want to know if MAIL FROM is from any kin
On 08/18/2016 10:04 AM, Nicola Piazzi wrote:
This is a good idea, but there are 2 files :
20_freemail_mailcom_domains.cf
20_freemail_domains.cf
The first is commonly abused only
FREEMAIL_FROM rule search in both but have a strange description “Sender email
is commonly abused enduser mail provide
This is a good idea, but there are 2 files :
20_freemail_mailcom_domains.cf
20_freemail_domains.cf
The first is commonly abused only
FREEMAIL_FROM rule search in both but have a strange description “Sender email
is commonly abused enduser mail provider”
It tell ‘commonly abused’ but it search also
On 08/18/2016 09:50 AM, Jason Haar wrote:
Check out 20_freemail_domains.cf that is part of SpamAssassin. It contains
all the known "freemail" services, so you could work on the assumption that
if it's not one of these, it's "private"
FTR:
20_freemail_domains.cf contains "freemail" domains which
dnswl.org partially does that. Entities which have close administrative
control over their users get higher trust levels.
-- Matthias
On Thu, Aug 18, 2016 at 9:31 AM, Nicola Piazzi wrote:
> It can be very useful a dns service URIBL that tell if a domain is public
> or private
> If is private I
Check out 20_freemail_domains.cf that is part of SpamAssassin. It contains
all the known "freemail" services, so you could work on the assumption that
if it's not one of these, it's "private"
--
Cheers
Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +1 408 481 8171
PGP F
It can be very useful a dns service URIBL that tell if a domain is public or
private
If is private I can whitelist entire domain instead address by address when I
receive an ham from one
For example :
I cannot WL gmail.com if I receive a ham from j...@gmail.com
But I can WL cocacola.com if I rece
69 matches
Mail list logo
