I am running Freebsd 10.0, with Postfix, Dovecot, MySql, and
Spamassassin 3.4.0(Perl 5.16.3). This is the second time this has
happened to me. All ran fine for roughly 410 days, then Spamassassin
stop flagging emails, and has all kinds of errors in the log. Nothing
was touched on the system other t
On Fri, 19 May 2017 22:40:41 +0200
Benny Pedersen wrote:
> problem with rfcs for dmarc is that its not possible to whitelist
> maillists servers so thay never reject on policy reject, what would
> happend if we all reject on a single domain that have policy
> reject ?, then no one would be subs
On Fri, 19 May 2017, David Jones wrote:
From: David B Funk
On Fri, 19 May 2017, RW wrote:
On Fri, 19 May 2017 14:13:22 -0500 (CDT)
David B Funk wrote:
ne.
My read on this is that "@ena.com" is living dangerously. They
publish SPF records and DMARC records (with p=reject) but do NOT DK
Alan Hodgson skrev den 2017-05-19 22:34:
Well, it's not the list. Others' signatures are coming through fine.
problem is that dkim is not showing to apache.org mailserver, so
downstream testing dmarc rejects, undesired config in many ways
I had to tell OpenDMARC to whitelist ena.com to get
David Jones skrev den 2017-05-19 21:36:
SPF:PASS with IP 96.5.1.12
DKIM: PASS with domain ena.com
DMARC: PASS
authentication-results: spamassassin.apache.org; dkim=none (message not
signed) header.d=none;spamassassin.apache.org; dmarc=none action=none
header.from=ena.com;
is somethin
On Friday 19 May 2017 20:11:42 David Jones wrote:
> >Urgg, I see that now. I looked at a few of David Jones' posts to this list
> >and saw that they weren't DKIM signed, so I extrapolated that to a general
> >asumption.
>
> They are DKIM signed so something must be striping the headers.
>
Well,
>From: David B Funk
>On Fri, 19 May 2017, RW wrote:
>> On Fri, 19 May 2017 14:13:22 -0500 (CDT)
>> David B Funk wrote:
>>
>> ne.
>>>
>>> My read on this is that "@ena.com" is living dangerously. They
>>> publish SPF records and DMARC records (with p=reject) but do NOT DKIM
>>> sign their mai
On Fri, 19 May 2017, RW wrote:
On Fri, 19 May 2017 14:13:22 -0500 (CDT)
David B Funk wrote:
ne.
My read on this is that "@ena.com" is living dangerously. They
publish SPF records and DMARC records (with p=reject) but do NOT DKIM
sign their mail.
Most of them pass DKIM, a minority aren't sig
>From: RW
>On Fri, 19 May 2017 14:13:22 -0500 (CDT)
>David B Funk wrote:
>ne.
>>
>> My read on this is that "@ena.com" is living dangerously. They
>> publish SPF records and DMARC records (with p=reject) but do NOT DKIM
>> sign their mail.
>Most of them pass DKIM, a minority aren't signe
On Fri, 19 May 2017 14:13:22 -0500 (CDT)
David B Funk wrote:
ne.
>
> My read on this is that "@ena.com" is living dangerously. They
> publish SPF records and DMARC records (with p=reject) but do NOT DKIM
> sign their mail.
Most of them pass DKIM, a minority aren't signed.
On Fri, 19 May 2017, Dianne Skoll wrote:
Hi,
Tons of list traffic keeps getting quarantined because of DMARC. For
example, a recent message from David Jones :
DMARC policy for domain ena.com suggests Rejection as
DMARC_POLICY_REJECT, but quarantined due to rule settings
$ host -t txt _dmarc.
On Fri, 19 May 2017 12:00:29 -0700
Alan Hodgson wrote:
> This is actually one of the few mailing lists that a DMARC p=reject
> domain can send anything to. Assuming they DKIM-sign their mail, of
> course.
Yep.
> I would argue that setting a DMARC p=reject policy without working
> DKIM is fundam
On Friday 19 May 2017 14:47:56 Dianne Skoll wrote:
> On Fri, 19 May 2017 20:43:39 +0200
>
> Benny Pedersen wrote:
> > some maillists break DKIM, forkus on that first, not last !
>
> Thank you for not adding any value to the conversation. The
> domain in question is not using DKIM.
>
This is a
Dianne Skoll skrev den 2017-05-19 20:47:
Thank you for not adding any value to the conversation. The
domain in question is not using DKIM.
okay, my fault then, but this is not a error if not using reject, but it
is if dmarc policy is reject
hope its clear now
David Jones skrev den 2017-05-19 20:38:
so let me open a Jira ticket to see if we need to get that setting
enabled.
Authentication-Results: linode.junc.eu; dmarc=fail (p=reject dis=none)
header.from=ena.com
Authentication-Results: linode.junc.eu; dkim=none; dkim-atps=neutral
where is the dk
On Fri, 19 May 2017 20:43:39 +0200
Benny Pedersen wrote:
> some maillists break DKIM, forkus on that first, not last !
Thank you for not adding any value to the conversation. The
domain in question is not using DKIM.
Regards,
Dianne.
Dianne Skoll skrev den 2017-05-19 20:30:
I'm pretty sure Mailman can do DMARC-munging. Can ezmlm do the
equivalent
of Mailman's "ALLOW_FROM_IS_LIST" feature?
some maillists break DKIM, forkus on that first, not last !
if you get this message here with DMARC fail, blame the maillist break
D
>From: Dianne Skoll
>Tons of list traffic keeps getting quarantined because of DMARC. For
>example, a recent message from David Jones :
>DMARC policy for domain ena.com suggests Rejection as
>DMARC_POLICY_REJECT, but quarantined due to rule settings
>$ host -t txt _dmarc.ena.com
>_dmarc.en
Hi,
Tons of list traffic keeps getting quarantined because of DMARC. For
example, a recent message from David Jones :
DMARC policy for domain ena.com suggests Rejection as
DMARC_POLICY_REJECT, but quarantined due to rule settings
$ host -t txt _dmarc.ena.com
_dmarc.ena.com descriptive text "v=D
>Would it be beneficial to add a local.cf config option to allow SA to
>specify a different DNS server rather than what the OS is using in
>/etc/resolv.conf?
Nevermind. David Funk just posted about "dns_server" that I wasn't
able to find earlier. Seems like setting that would be the best option
David Jones wrote:
Would it be beneficial to add a local.cf config option to allow SA to
specify a different DNS server rather than what the OS is using in
/etc/resolv.conf?
IIRC it does, and a quick scan of the Mail::SpamAssassin::Conf man page
turned up:
dns_server ip-addr-port (de
>From: Robert Kudyba
>> Wiki page updated and simplified.
>> https://wiki.apache.org/spamassassin/CachingNameserver
>For Fedora, since NetworkMangler (as many are fond to call it) is enabled
>by default it might be worthwhile to mention this comment at, but note that
>/etc/resolv.conf will be
On Fri, 19 May 2017, John Hardin wrote:
On Thu, 18 May 2017, Rob McEwen wrote:
In many cases, they explain to me that their settings got auto-overwritten
by their hoster - who just HAD to switch their resolv.conf file back to
8.8.8.8
cron. job.
Wouldn't the SA config parameter "dns_server
On Thu, 18 May 2017, Rob McEwen wrote:
In many cases, they explain to me that their settings got auto-overwritten by
their hoster - who just HAD to switch their resolv.conf file back to 8.8.8.8
cron. job.
--
John Hardin KA7OHZhttp://www.impsec.org/~jhardin/
jhar...@impse
>
> Wiki page updated and simplified.
>
> https://wiki.apache.org/spamassassin/CachingNameserver
For Fedora, since NetworkMangler (as many are fond to call it) is enabled
by default it might be worthwhile to mention this comment at, but note that
/etc/resolv.conf will be managed by dnssec-trigger
From: Matus UHLAR - fantomas
>On 18.05.17 17:05, Robert Kudyba wrote:
>> The link to http://njabl.org/rsync.html is broken at the moment.
>njabl.org is dead four (4) years
>On 18.05.17 14:39, John Hardin wrote:
>>I think this part of the wiki page may not be stressed stongly enough:
>[...]
On 18.05.17 17:05, Robert Kudyba wrote:
The link to http://njabl.org/rsync.html is broken at the moment.
njabl.org is dead four (4) years
On 18.05.17 14:39, John Hardin wrote:
I think this part of the wiki page may not be stressed stongly enough:
[...]
/* Disable forwarding for DNSBL querie
27 matches
Mail list logo
