Re: possible FORGED_GMAIL_RCVD false positive

2019-09-18 Thread Giovanni Bechis
On Wed, Sep 18, 2019 at 08:40:55PM +0100, RW wrote:
> On Wed, 18 Sep 2019 12:29:43 +0200
> Matus UHLAR - fantomas wrote:
>
> > Hello,
> >
> > I have received the following spam:
> >
> > https://pastebin.com/SkvkVWik
> >
> > This hits FORGED_GMAIL_RCVD although the message came from Google mail

Re: SPOOFED_FREEMAIL hitting non-spoofed freemail?

2019-09-18 Thread John Hardin
On Wed, 18 Sep 2019, RW wrote:
> On Wed, 18 Sep 2019 15:30:46 +0200 Dan Malm wrote:
> > Ok, I'm pretty sure this is mostly on my end, but I think there are also some issues with the __NOT_SPOOFED meta rule.
> >
> > 1: I was able to reproduce getting the SPOOFED_FREEMAIL locally on my machine when running s

Re: possible FORGED_GMAIL_RCVD false positive

2019-09-18 Thread RW
On Wed, 18 Sep 2019 12:29:43 +0200 Matus UHLAR - fantomas wrote:
> Hello,
>
> I have received the following spam:
>
> https://pastebin.com/SkvkVWik
>
> This hits FORGED_GMAIL_RCVD although the message came from Google mail
> servers.
>
> According to HeaderEval.pm, the message is apparently missing the
> X-Go

Re: new emotet campaign

2019-09-18 Thread Riccardo Alfieri
On 18/09/19 21:05, Amir Caspi wrote:
> Since the return code for the domain is specifically regarding malware, shouldn't the score be higher? I would imagine the purpose of the unique Spamhaus return codes is to enable such granularity in scoring on the user end...

I can't speak about SA s

Re: new emotet campaign

2019-09-18 Thread Amir Caspi
On Sep 18, 2019, at 3:19 AM, Riccardo Alfieri wrote:
>
> You are correct, URLhaus domains enter DBL as abused legit malware, but the
> default SA score is not enough to mark the email as spam (and that's correct
> as it checks only the domain).

Since the return code for the domain is specific

Re: SPOOFED_FREEMAIL hitting non-spoofed freemail?

2019-09-18 Thread RW
On Wed, 18 Sep 2019 15:30:46 +0200 Dan Malm wrote:
> Ok, I'm pretty sure this is mostly on my end, but I think there are
> also some issues with the __NOT_SPOOFED meta rule.
>
> 1: I was able to reproduce getting the SPOOFED_FREEMAIL locally on my
> machine when running spamassassin with the -L

Re: SPOOFED_FREEMAIL hitting non-spoofed freemail?

2019-09-18 Thread Dan Malm
Ok, I'm pretty sure this is mostly on my end, but I think there are also some issues with the __NOT_SPOOFED meta rule. 1: I was able to reproduce getting the SPOOFED_FREEMAIL locally on my machine when running spamassassin with the -L parameter. 2: The reason (I assume) that I get the rule hit o

SPOOFED_FREEMAIL hitting non-spoofed freemail?

2019-09-18 Thread Dan Malm
Hi, I've gotten some reports about mails from Hotmail being incorrectly filtered as spam on my systems. I'm seeing a lot of perfectly valid, non-spoofed mails from them hitting the SPOOFED_FREEMAIL rule. Is anyone else seeing the same, or is it some issue in my configuration? RuleQA seems to indi

possible FORGED_GMAIL_RCVD false positive

2019-09-18 Thread Matus UHLAR - fantomas
Hello, I have received the following spam: https://pastebin.com/SkvkVWik This hits FORGED_GMAIL_RCVD although the message came from Google mail servers. According to HeaderEval.pm, the message is apparently missing the X-Google-Smtp-Source header. Is there any reason to expect that header in mail from Gmail?

Re: new emotet campaign

2019-09-18 Thread Henrik K
On Wed, Sep 18, 2019 at 09:19:17AM +, Riccardo Alfieri wrote:
> On 17/09/19 20:54, Amir Caspi wrote:
>
> > Based on https://feodotracker.abuse.ch/mitigate/, it looks like both
> > Spamhaus DBL and SURBL are fed by URLhaus. Spamhaus returns 127.0.1.105
> > for URLs fed from URLhaus. Doesn't SA a

Re: new emotet campaign

2019-09-18 Thread Riccardo Alfieri
On 17/09/19 20:54, Amir Caspi wrote:
> Based on https://feodotracker.abuse.ch/mitigate/, it looks like both Spamhaus DBL and SURBL are fed by URLhaus. Spamhaus returns 127.0.1.105 for URLs fed from URLhaus. Doesn't SA already handle this, then, for URLs it processes, since it uses the DBL?

I

Spear Phishing read

2019-09-18 Thread Brent Clark
Good day guys, just came across the following read: https://gbhackers.com/spear-phishing/ Just shows you how important our role is as mail admins to protect our users, clients and business reputation. A huge thank you to the powers that be behind the scenes writing and updating rules and signat