RE: Amazon, dhl, fedex, etc. phishing

2020-08-24 Thread John Hardin
On Mon, 24 Aug 2020, micah anderson wrote: John Hardin writes: On Mon, 24 Aug 2020, Marc Roos wrote: You should use spf for this. Duh. +1 whitelist_auth *@amazon.com blacklist_from *@amazon.com whitelist_auth *@*.amazon.com blacklist_from *@*.amazon.c

Re: Amazon, dhl, fedex, etc. phishing

2020-08-24 Thread John Hardin
On Mon, 24 Aug 2020, Martin Gregorie wrote: On Mon, 2020-08-24 at 11:51 -0700, John Hardin wrote: Might want some \b in there, just to be safe. The from check would also hit domains like "amazon-river.org". Perhaps: header SUBRULE13a From:name =~ /\bAmazon\b/ header SUBRULE13b From:addr =~

RE: Amazon, dhl, fedex, etc. phishing

2020-08-24 Thread micah anderson
John Hardin writes: > On Mon, 24 Aug 2020, Marc Roos wrote: > >> You should use spf for this. > > Duh. > > +1 > > whitelist_auth *@amazon.com > blacklist_from *@amazon.com > whitelist_auth *@*.amazon.com > blacklist_from *@*.amazon.com I do not understand this

A new high score!

2020-08-24 Thread micah anderson
What is the highest score you've seen a spam get? I think I just broke my own high score, with a spam that managed to pile up 64 points. I'm sure you all have seen much higher! -- micah

Re: Amazon, dhl, fedex, etc. phishing

2020-08-24 Thread Martin Gregorie
On Mon, 2020-08-24 at 11:51 -0700, John Hardin wrote: > Might want some \b in there, just to be safe. The from check would > also > hit domains like "amazon-river.org". Perhaps: > > header SUBRULE13a From:name =~ /\bAmazon\b/ > header SUBRULE13b From:addr =~ /\bamazon\.com$/ > Indeed > > >

Re: Amazon, dhl, fedex, etc. phishing

2020-08-24 Thread Bill Cole
On 24 Aug 2020, at 14:53, Marc Roos wrote: You should use spf for this. Except for the fact that at dhl they are too dumb to know what servers they are using. SPF does no good with addresses as described in the original post. The overwhelming majority of phish spam makes no attempt to fake th

RE: Amazon, dhl, fedex, etc. phishing

2020-08-24 Thread John Hardin
On Mon, 24 Aug 2020, Marc Roos wrote: You should use spf for this. Duh. +1 whitelist_auth *@amazon.com blacklist_from *@amazon.com whitelist_auth *@*.amazon.com blacklist_from *@*.amazon.com -- John Hardin KA7OHZ http://www.impsec.org

RE: Amazon, dhl, fedex, etc. phishing

2020-08-24 Thread Marc Roos
You should use spf for this. Except for the fact that at dhl they are too dumb to know what servers they are using. -Original Message- From: Martin Gregorie [mailto:mar...@gregorie.org] Sent: maandag 24 augustus 2020 20:25 To: micah anderson; users@spamassassin.apache.org Subject: Re

Re: Amazon, dhl, fedex, etc. phishing

2020-08-24 Thread John Hardin
On Mon, 24 Aug 2020, Martin Gregorie wrote: On Mon, 2020-08-24 at 12:00 -0400, micah anderson wrote: We are regularly getting phishes from dhl, fedex, usps, amazon, netflix, spotify that fakes the from (eg. amazon < p...@biggung1892301.com> wants to send me a amadon-legit.pdf). I'm wondering i

Re: Amazon, dhl, fedex, etc. phishing

2020-08-24 Thread Martin Gregorie
On Mon, 2020-08-24 at 12:00 -0400, micah anderson wrote: > We are regularly getting phishes from dhl, fedex, usps, amazon, > netflix, spotify that fakes the from (eg. amazon < > p...@biggung1892301.com> wants to send me a amadon-legit.pdf). > > I'm wondering if anyone has made a rule that looks to

Amazon, dhl, fedex, etc. phishing

2020-08-24 Thread micah anderson
We are regularly getting phishes from dhl, fedex, usps, amazon, netflix, spotify that fakes the from (eg. amazon wants to send me a amadon-legit.pdf). Usually these are previously unknown to pyzor, dcc, rbls, and domain reputation doesn't really exist[0]. I'm wondering if anyone has made a rule

Re: ANNOUNCEMENT: The NEW invaluement "Service Provider DNSBLs" - 1st one for Sendgrid-spams!

2020-08-24 Thread Paul Stead
The following plugin extracts the SendGrid ID to a Tag, now we can use it with askdns.. https://github.com/fmbla/spamassassin-sendgrid Paul On Sun, 23 Aug 2020 at 20:42, Giovanni Bechis wrote: > On 8/21/20 9:28 PM, Rob McEwen wrote: > > ANNOUNCEMENT: The NEW invaluement "Service Provider DNSB

Re: Zero-point garbage text that isn't caught by the small-font rules

2020-08-24 Thread Loren Wilton
I've seen mail containing ONLY the text mentioned above, in which case it's strange. From the original mail I got feeling that the mails also contain mentioned text only... The original mails I clipped the original obfuscation text from were using it to hide a phishing attempt. I have not see

Re: SendGrid (Was: Re: Freshdesk (again))

2020-08-24 Thread Loren Wilton
money should not make the emails go around, likewise no president should be elected by money Well, no judge nor congressman should be elected by money either. But we changed the rules some decades back and legalized bribery, specifically in the payment of money to elect your favorite candida

Re: Zero-point garbage text that isn't caught by the small-font rules

2020-08-24 Thread Matus UHLAR - fantomas
On 20.08.20 09:13, Loren Wilton wrote: I've started receiving a bunch of spam or more likely phish mails that contain the following sort of trash in large quantities between almost every word of the visible text. The invisible font rules don't seem to catch this. lzdtec On Fri, 21 Aug 2020

Re: SendGrid (Was: Re: Freshdesk (again))

2020-08-24 Thread Benny Pedersen
Marc Roos wrote on 2020-08-24 09:05: Very disappointed with sendgrid's fall from grace. I saw once some video about angel investment, where some guy says something like "get the money as fast as possible from your clients pocket into yours". I would say there is little grace to be found. as t

RE: SendGrid (Was: Re: Freshdesk (again))

2020-08-24 Thread Marc Roos
> Very disappointed with sendgrid's fall from grace. I saw once some video about angel investment, where some guy says something like "get the money as fast as possible from your clients pocket into yours". I would say there is little grace to be found. > Their phishing/spam/malware and le