On the Postfix listserv, KAM informed the Postfix community that 3.4.3
has the ability to do RBL lookups on the domain in Reply-to address.
How do we take advantage of this new capability?
--
John Schmerold
Katy Computer Systems, Inc
https://katycomputer.com
St Louis
thing, I would whitelist the client,
but want to help them improve the deliver-ability of their
communications by better understanding what tripping up their SA score.
Thanks.
--
John Schmerold
Katy Computer Systems, Inc
https://katycomputer.com
St Louis
On 8/11/2019 6:12 PM, RW wrote:
On Sun, 11 Aug 2019 12:03:21 -0500
John Schmerold wrote:
On 8/11/2019 12:57 AM, Henrik K wrote:
F From: =?UTF-8?B?QW5keSAgQnJ5YW4=?=
*I am using these rules:*
score LOCAL_H_from_bryan1 35.00
header LOCAL_H_from_bryan1 From =~ /andy\sbryan/i
Your
On 8/11/2019 12:57 AM, Henrik K wrote:
On Sat, Aug 10, 2019 at 10:00:08PM -0500, John Schmerold wrote:
Evil doers go to our website, identify the leader, then start phishing. We
have been blocking this by looking for the leader's name in the "From"
field, today a number of
H_from_encode From =~ /UTF\-/i
--
John Schmerold
Katy Computer Systems, Inc
https://katycomputer.com
St Louis
alid
-0.8 DKIM_VALID Message has at least one valid DKIM or DK
signature
-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from
envelope-from domain
--
John Schmerold
Katy Computer Systems, Inc
https://katycomputer.com
St Louis
Anyone know of a SA rule that would assign points if SA finds an ABA
Routing # in the email message?
I am wanting to block evil-doers from saying "Good morning payroll, I
have a new bank. Please send my next paycheck to Bank of Bad Guy, ABA
1234214131421"
--
John Schmerold
Kat
On 3/2/2019 10:15 PM, Bill Cole wrote:
On 2 Mar 2019, at 9:45, John Schmerold wrote:
I subscribed to uribl's datafeed service and have read their usage
documentation on http://uribl.com/usage.shtml
I think I understand how it works, but I am confused by how things
work with the de
On 3/2/2019 9:04 AM, Axb wrote:
On 3/2/19 3:45 PM, John Schmerold wrote:
I subscribed to uribl's datafeed service and have read their usage
documentation on http://uribl.com/usage.shtml
I think I understand how it works, but I am confused by how things
work with the default 25_uribl.cf
Mike: If you want a tester, I am happy to join the effort, I see little
harm in assigning 0.75 to the results.
There are quite a few email only domains we end up whitelist_auth'ing
them and all is well.
John Schmerold
Katy Computer Systems, Inc
https://katycomputer.com
St Louis
On 2/28
_BLACK net
score URIBL_BLACK 6.00
reuse URIBL_BLACK
OR: is there some better solution?
Thanks.
--
John Schmerold
Katy Computer Systems, Inc
https://katycomputer.com
St Louis
bayes_seen
Would some kind soul tell me how I can manage my SPF whitelist?
I would like to list and edit the SPF whitelist
--
John Schmerold
Katy Computer Systems, Inc
https://katycomputer.com
St Louis
def_whitelist_auth (or whitelist_auth ) category?
2) Is there a configuration directive that would tell SA to include
*@*.*.domain.com when *@domain.com is specified in the
def_whitelist_auth or whitelist_auth directives?
Thanks,
John
--
John Schmerold
Katy Computer Systems, Inc
https
I don't understand the purpose of tflags. Where is this parameter explained?
--
John Schmerold
Katy Computer Systems, Inc
https://katy.com
St Louis
On 4/25/2016 7:07 PM, David Jones wrote:
score LOCAL__H_from_sample -10.0
header LOCAL__H_from_sample ALL =~ /mail\.sample\.com/i
Add it's IP to your trusted_networks and subtract a few points for
ALL_TRUSTED. I wouldn't recommend subtracting 10 points as you
still want to be able to block
One of my mail filters is a smart host for a trusted mail server
(mail.sample.com), how do we assign a -10 score to mail coming from
mail.sample.com
I thought this would work, but it doesn't:
scoreLOCAL__H_from_sample -10.0
header LOCAL__H_from_sample ALL =~ /mail\.sample\.com/i
Thanks for the input, We reduced the reject score and added a few rules.
John Schmerold
Katy Computer Systems, Inc
https://katy.com
St Louis
On 9/8/2015 4:26 PM, John Schmerold wrote:
We have been seeing a number of spams getting through our ClamAV /
Spamassassin filter. What is the best way
I guess I should share rest of the message source:
Return-path:
Envelope-to: j...@katy.com
Delivery-date: Tue, 08 Sep 2015 10:49:40 -0500
X-Spam-Status: No
X-FastNet1-MailScanner-From: dglzydwfyofe...@yahoo.com
X-FastNet1-MailScanner-SpamCheck:
X-FastNet1-MailScanner: Found to be clean
X-FastNet
We have been seeing a number of spams getting through our ClamAV /
Spamassassin filter. What is the best way to share with the community so
that we can develop a defense against these messages?
The message reads:
Hi my name is Victoria Alexandra attached is my resume!Please message me
back
B
We use a Mailfoundry box to filter messages for our domains, we're
paying for the mailfoundry per block of messages.
82% of the emails are filtered out via RBL. Rest gets blocked due to
viruses and SA type issues, leaving us with 4.7% HAM - unbelievable
but true.
So, I got the bright idea: let's
Another approach that works really well for us:
We send all spam to a gmail account. Then every week we look to see
what google proclaims to be ham and forward it to our clients.
Our numbers tend to break down as follows:
10% Ham & sent to client
1% SPAM & sent to client
8.5% SPAM sent to gmail
Matt: Thanks, this worked exactly as expected.
SA is protecting 20 domains from evil, I want to keep 2 domains from
communicating with one another, I believe local.cf can help resolve
this for me, if I can figure out how to do:
scoreLOCAL__H_M 50.00
header LOCAL__H_M From =~ /hatfield\.com/i .and.
header LOCAL__H_M To =~ /mcc
23 matches
Mail list logo
