>Operators of newsgroups which mirror/archive mailing
>lists, and allow posting from a web interface, are adding forged
>Received: headers before sending an email to the respective list
>server.
In what way are they forged? Do they contain addresses that doesn't match the
system adding the receiv
maildirs.
<http://wiki2.dovecot.org/Plugins/Antispam>
<http://johannes.sipsolutions.net/Projects/dovecot-antispam>
Regards
/Jonas
--
Jonas Eckerman
http://www.truls.org/
;ham'" means here.
Re-learn I think to configure with forward message to
[spam|nospam]@doman[1|2].ru for each of domains, and by cron put some
script which re-learn from folder spam|nospam on domains.
How do you think it will work? Or may be some better idea?
I've done something similar myself. How good it works depends a lot on
your users.
/Jonas
--
Jonas Eckerman
http://www.truls.org/
database
could work a lot better than individual databases.
How much does the mail streams for the domains have in common? If they
have a lot in common it makes sense to have a common bayes database for
them. Otherwise separate databases for each domain migh be better.
Regards
/Jonas
--
rent databases and/or configurations. Both bayes and AWL are
supposed to be able to give different scores to the same mail in
different mail streams.
It is of course possible that there are other differences in scores as
well if the two passes were run with different local score settin
NU General Public License.
Debian *might* be able to distribute DCC under another name, like they
did with Firefox / Iceweasel etc.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
URLRedirect and it's available at
<http://whatever.frukt.org/spamassassin.text.shtml>
It can use Marc's DNS based URL shortener list.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
based list he's hosting a while back. I'm
attaching that message to this one.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
--- Begin Message ---
I don't know if it will be usefu
Interesting. I hope I'll have time to check that against or logs. It
would nice to have windows desktops greylisted while still beeing able
to exempt windows mail and groupware systems.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
On 2010-03-30 13:31, Kai Schaetzl wrote:
Jonas Eckerman wrote on Tue, 30 Mar 2010 00:41:01 +0200:
Unless the greylisting is done *after* receiving the body. Of course,
this will spank innocent senders as well.
Ooops? It spanks *yourself*.
Not really. It does force us to accept the mail
en't adapted to greylisting indicates
that it's impact is not (so far) big enough to care about.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
e I like greylisting because it stops a lot of spam, I've never
seen any data substantiating claims that it has a measurable negative
impact on botnets. So I'm not convinced it really does a lot of spanking
of offenders...
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sver
ly a matter of
time before non-image files turn up with equivalent lying content types
and/or extensions and adding rules to catch them will be trivial.
That's what I thought when I wrote it. :-)
At that time I wanted to catch some stuff that where a RAR atchment had
a ZIP MIME type (or ma
sktop database
contains info for SVG and BMP (it should) it can check for those mismatches.
It's named MimeMagic and is available at
<http://whatever.frukt.org/spamassassin.text.shtml>
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
spcifies text/plain. It probably should be able to
add text/html as html, so that a HTML stripping extractor plugin would
be redundant. I'll look into this. Can't be sure when I have the time
though.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges D
t all time any way for
all regular browsers, and the non working redirects should return error
codes at any time. So I'm not sure what it is you mean they should have
ready for our our HEAD requests.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
On 2010-02-15 15:04, Charles Gregory wrote:
On Sun, 14 Feb 2010, Jonas Eckerman wrote:
1: The participation record is optional, so you only use it if you
want "everything else" to be rejected.
This is why I would support mtamark... It permits the sysadmin to
determine the default
On 2010-02-14 19:20, dar...@chaosreigns.com wrote:
On 02/14, Jonas Eckerman wrote:
* I think there should be a way to tell the world wether you are using
the scheme for a domain (not host) or not. This could easily be done in
DNS.
I need to think about this more, thanks for the suggestion
On 2010-02-14 19:20, dar...@chaosreigns.com wrote:
On 02/14, Jonas Eckerman wrote:
The SPF record above says that a host using "panic.chaosreigns.com"
in HELO should not be allowed to send mail unless it has the IP
address 64.71.152.40, regardless of the domain in the envelope
ching only DNS proxies might be
set up to cache A record lookups (negative and positive) better than TXT
records.
If there is to be a policy record, maybe that should be a TXT record,
but I too like the A record for the actual MTX lookup.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
ipation record, so you
can specify more stuff. Either a TXT record or a bitmaped A record for
example. Call it "_policy._mtx.*".
More on the other very valid concerns later about this...
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
used
in MAIL FROM.
(It's not that use of SPF that breaks (borken) forwarding, it's the
limits connected to the domain used in MAIL FROM.)
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
se, if this catches on, you'll have to provide RFC style
documentation.)
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
it is better.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
gular hostname.
A new record type might be even better.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
1. It shows up as internal mail so gets -6 points or so from the
auto-whitelist thus giving it a decent chance of getting through.
If it shows up as internal mail even though its external something is
wrong.
The AWL takes both the renders email address and the sending systems
IP-address int
ccess to approved IP addresses.)
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
ng.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
much simpler using UDP instead.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
Jonas Eckerman wrote:
At the time I mentioned that I planned to add support for
that list in my URLRedirect plugin.
That support is there, and it seems to be working.
Of course I forgot to include where the module can be found...
It's available at
<http://whatever.f
vices most abused
by spammers.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
er all, the reputation of Habeas can now tarnish the
reputation of their main brand as well.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
best from SA install)
would pay to use the better DNSBLs.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
h provides an open mechanism to redirect a
web browser to another website, ie, by adding a
url=http://anotherwebsite in the URL.
---8<---
I would not consider open redirector of that type to be the same thing
as a URL shortener service (especially not a well run service).
/Jonas
-
links on each redirection service.
Since my plugin adds redirect targets to the message metadata that check
could be done with a normal URL rule.
(It might be useful if the plugin flags redirections that redirects to
the same domain.)
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet
that other checks (URIBL for example) sees it.
Using a DNS based well kept after list of redirectors could make that
plugin much more useful than it is currently.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.
t need to implement it as well. I'll
post here when/if I implement it in URLRedirect.pm.
For more info on URLRedirect.pm check at
http://whatever.frukt.org/spamassassin.text.shtml
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fs
s.
Making extracted images available for FuzzyOCR is (as mentioned above)
something I want to do. Since I don't do any OCR at all here, that's a
pretty low priority though (unless people start asking for it more).
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förb
on the Custom Plugins wiki page, and is available at
<http://whatever.frukt.org/spamassassin.text.shtml>.
It comes with a config for extracting text from Word, OpenXML, RTF, ODF
and PDF files.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.or
to
bayes and rules. It comes with a config that uses antiword to do this.
It's available at
http://whatever.frukt.org/spamassassin.text.shtml#ExtractText.pm
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.
have seen such messages
many times before.
I don't know if DCC cares about the subject att all. If it doesn't, it's
even more liekey that it would hit on an empty test message.
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
tp://whatever.frukt.org/spamassassin.text.shtml>
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
l be
added using set_rendered as it does now.
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
nd on Mail::SpamAssassin::Message::Node not being
changed too much).
I guess I could do the hack version now, and then update it if/when
Mail::SpamAssassin::Message::Node is updated to support this in a nice
way. :-)
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
r sending request to the spamvertised web sites has.
It's available at
<http://whatever.frukt.org/spamassassin.text.shtml>
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
will stop working if you use sa-update or upgrade SpamAssassin.
but at some sites both .pm & .cf fiels
are available can some one please guide me wht to do with .pm files
> how to install them or make them work for me.
Read about "loadplugin" in the above mentioned documentation.
ame as for
any other scoring rules in SA.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
er, the zip
archive should be automagically mirrored to
<http://mmm.truls.org/m/ExtractText.zip>.)
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
you did not in fact mean that the filter
whitelists a spammer?
How I am to know that when you wrote "SpamAssassin effectively white
listing spammers" you did not in fact imply that SpamAssassin is
whitelisting spammers?
If you think I'm silly for believing that you mean what you wri
ain purpose of the default list of domains to skip URIDNSBL
checks for is to save resources by not checking domains that won't be
hit anyway, then the whole list should probably be regularly checked by
a script that simply flags any domains present on URIDNSBLs for review
(or possibly just
ecides how to flag a message.
I'm cynical. The only logical
reason I can see for anything of this nature is money changing hands.
That's not beeing cynical. It's beeing unbelievably unimaginative.
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.f
html/files/
> I need something that will run on Solaris.
I've no idea wether it compiles on Solaris or not, but since I installed
it from ports on FreeBSD I do know that it compiles on at least one Unix
like OS and doesn't require Windows.
Regards
/Jonas
--
Jonas Eckerman
Fruktträd
one thing i need to know is how to control the tmp file path, i cant find where
this is made
I'm using Mail::SpamAssassin::Util::secure_tmpfile, so it's SA that
controls the path to the temp files. I don't know if you can set that in
SAs config or not.
Regards
/Jonas
--
Jonas
nks.
only problem i had was that unrtf nedd to have ${file} in the example cf to
work all else works
Odd. I don't need ${file} for unrtf here.
I'm using unrtf 0.21.0. Are you using an older version?
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
ht
Jonas Eckerman wrote:
For anyone who likes to test stuff, I've uploaded my plugin that
extracts text from documents to
<http://whatever.frukt.org/graphdefang/ExtractText.zip>
In case any of you have problems downloading the file, it's now mirrored as
<http://mmm.truls.or
Benny Pedersen wrote:
<http://whatever.frukt.org/graphdefang/ExtractText.zip>).
I've now mirrored the file as
<http://mmm.truls.org/m/ExtractText.zip>
I hope that will work better.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http
he XML) in my ExtractText plugin.
(For more info about the plugin, see my post with subject "ExtractText
plugin", or download it from
<http://whatever.frukt.org/graphdefang/ExtractText.zip>).
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövbl
for extractor plugins to get config lines.
Test it if you feel like it.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
d
headers directly, but MIMEDefang can use the results from SA to add headers.
OTOH, if one is using MIMEDefang, then one would most likely use
MIMEDefang to strip attachment rather than a compbination of SA and
maildrop.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges
an get a benefit from the extraction.
I'm not going to spend much time on it though. I'm happy just extracting
text. :-) And it does extract text (currently from Word, OpenXML,
OpenDocument and RTF documents). :-)
I actually hadn't even thought about this image/OCR etc stuff befor
to add parts to that container. This would require modification of
Mail::SpamAssassin::Message, but not of the plugins.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
hod seems very undocumented I could of
course be wrong here. In that case I hope to be verbosely corrected. :-)
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
actor plugin that extracts whatever files are included
in the word document. Antiword only extracts text, and my extractor for
OpenXML is little more than an extremely basic XML remover.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
Jonas Eckerman wrote:
You meen extract images and add them as parts to the message?
I guess that should be doable. I know that "unrtf" can extract images
from RTF files. I'll probably implement support for this, but I'll
probably not implement actually doing it right away
ut
if you manage the above, it shouldn't be hard to extract PDF's too :)
This I don't understand. Do they put PDFs inside .doc files as if the
..doc was an archive?
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
hed), but I am using
"set_rendered" method as in the example, so it should work. ;-)
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
ignature header.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
s:
Date:From:Reply-To:MIME-Version:To:Subject:References:In-Reply-To:Content-Type:Content-Transfer-Encoding;
As long as mailman (or anything else) doesn't change that data, the DKIM
signature will still be valid and verifiable, wich it is here.
Regards
/Jonas
--
Jonas Eckerman
Fru
/Mail-SpamAssassin-3.2.5/>
Examples 2, third party plugins at:
<http://wiki.apache.org/spamassassin/CustomPlugins>
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
ist of URIs (so that existing URI checkers sees them).
The WebRedirect plugin provides an eval test to check the status code
for queried links.
My plugin doesn't.
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
an Win32 executable if it had a .doc or .xls extension when the user
double-clicked it.)
For the current image spam it's overkill, but it did hit when I ran
checked OPs example message here.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
h
the scan run, it can't really
work asyncronoulsy AFAICS. Currently it uses a parsed_metadata at
priority -1 in order to add it's own meta-data. Maybe this isn't the
right way to do this.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
closer
to FileType than the current name: MimeMagic.
Anyway, it can be found at
<http://whatever.frukt.org/spamassassin.text.shtml>
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
gin isn't new I still consider it
experimental since I haven't done enough evaluation of it's results.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
. Wich fits what I said to the OP as well.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
el and make the decisions yourself.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
know how telling their headers are in practice.)
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
If you have shell access:
man sa-learn
man spamc
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
gues were reported by others as
well in january or february IIRC.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
a failure to follow RFC2821. This seems to be what happened in this
case. It is the reason part two is needed.
Part Two: Fix the sending systems so that they do not use an
inappropriately low timeout after data end (.). There's a
reason why it SHOULD be 10 minutes.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
score is so much lower than the previous score,
while still beeing very high, could be an indication of this.
Of course, since we don't know what rules actually hit the message, this
is just a guess.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www
ty of ideas about possible
future extensions to SPF, DKIM or whatever except as to how those ideas
might have a direct impact on the usage or development of SpamAssassin.
I can't speak for others, but this is one reason why I haven't given my
opinions about your proposed PSPF.
Regards
Matus UHLAR - fantomas 5.5.'09, 8:55:
> > Strictly speaking, getting them to use it consistently and properly will
> > be MORE difficult,
> more difficult than what?
I parsed it as him stating that getting users to use his proposed PSPF will be
more difficult than getting them to use athent
me and server IP.
Our users (me included) understandably wanted mail on laptops to be easier.
The possibility of using SPF and DKIM were just bonuses.
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
course, my suggestion also hinges on whether there are a sufficient
number of other systems out there in a similar 'position' as us, who
would also benefit from this 'next level' of SPF verification...
- Charles
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
, the AWL entry should use
my IP address not a random gmail server.
Considering that lots of people have dynamic routable addresses, this
seems like a bad idea for a big group of people not using WebMail.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www
Linda Walsh skrev:
Yeah -- then this refers back to the bug about there being no way to prune
that file -- it just slowly grows and needs to be read in when spamd
starts(?)
No.
The AWL is stored in a database, and spamd does not read the whole
database into memory. It just looks up and upd
I've currently got a fever and therefore may be
tricked by a non optimally working brain into writing things thar
simply aren't correct...)
Regards
/Jonas
--
Jonas Eckerman, FSDB & Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/
; then drops or accepts connection.
From the abstract it's possible that it does so at a firewall
level rather than as an MTA, though it might also describe a more
common SMTP proxy.
/J
--
Jonas Eckerman, FSDB & Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/
to me. We reject and quarantine at 9 points, and
reject without quarantine at 18 points. So Nigerian scams get at
least 9 points here.
So most nigerian mail are either stopped by our greylist or get
18 points or more, and virtually none get lower than 9 points here.
Regards
/Jonas
--
J
e fee fraud (Nigerian 419)
/Jonas
--
Jonas Eckerman, FSDB & Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/
reads the users preferences from
file (when the file has been modified) and updates the SQL database.
Regards
/Jonas
--
Jonas Eckerman, FSDB & Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/
ase that problem
ought to be avoided. (Maybe there's more than those that should
be moved from ~/.spamassassin though).
/Jonas
--
Jonas Eckerman, FSDB & Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/
paring the fqdn with the IP address allows you to match
patterns that might otherwise lead to FPs.)
Regards
/Jonas
--
Jonas Eckerman, FSDB & Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/
tar) to a whole bunch of people for
suggestions and/or changes. Presumably at least some of those
suggestions and/or changes did have some kind of effect on the
plugin.
/Jonas
--
Jonas Eckerman, FSDB & Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/
ely new plugin
based on Botnet) if I get time for it, but I currently have no
way of knowing when or if that might be.
Regards
/Jonas
--
Jonas Eckerman, FSDB & Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/
r problem in it, please tell me and
the list about it.
Regards
/Jonas
--
Jonas Eckerman, FSDB
http://www.fsdb.org/
--- Botnet.pm Thu Jan 15 21:35:42 2009
+++ Botnet.pm.new Thu Jan 15 21:36:25 2009
@@ -721,8 +721,16 @@
dnsrch=>0,
defnames=>0,
h a score
of +2 (with an extra +1 if p0f says it's a Windows system).
Regards
/Jonas
--
Jonas Eckerman, FSDB & Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/
Jonas
--
Jonas Eckerman, FSDB & Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/
1 - 100 of 222 matches
Mail list logo
