nning RHEL8 with spamassassin 3.4.6 - so the BLOCKED tests
are not there - but I'm not being blocked from what I can see, so that's not an
issue for now.
Simon.
On Saturday, April 05, 2025 11:57 AEST, Greg Troxel wrote:
"Simon Wilson via users" writes:
> OK, back
e doing requests for actual messages. I think that's really what small free
tiers are targeted towards, not for those reselling services, so I think 10K is
enough for a home business or small office, and if it's not, they need to
configure their network correctly so SA only processes only what the MTA
passes.
--
Regards,
Noel Butler
--
Simon Wilson
M: 0400 121 116
00 sets of queries a day
to stay inside total 10,000 in 30 days free. I'd need about 25,000 a month I
guess.
What's the consensus on how to manage this within spamassassin?
Simon.
On Saturday, April 05, 2025 09:39 AEST, "Simon Wilson via users"
wrote:
Hi Andre
If you are not the recipient, you are hereby notified
that any disclosure, copying, distribution or taking action in relation of the
contents of this information is strictly prohibited and may be unlawful.
--
Simon Wilson
M: 0400 121 116
Hi list,
I've received an email from validity.com:Reminder – you’re currently receiving
the paid edition of Validity’s Zone File Access (at no cost), but as of May
1st, 2025, we will no longer be able to provide this experience for free. If
you wish to continue receiving IP Reputation, Validity
On Thursday, July 04, 2024 02:01 AEST, Benny Pedersen wrote:
> Simon Wilson via users skrev den 2024-07-03 15:54:
>
> > header AUTHRES_DKIM_PASS eval:check_authres_result('dkim', 'pass')
> > header USER_IN_DKIM_WHITELIST eval:check_for_dkim_whitelist_f
On Thursday, July 04, 2024 01:11 AEST, Bill Cole
wrote:
> On 2024-07-03 at 10:19:28 UTC-0400 (Thu, 04 Jul 2024 00:19:28 +1000)
> Simon Wilson via users
> is rumored to have said:
>
> > On 03.07.24 23:54, Simon Wilson via users wrote:
> >> Simon Wilson via users
Simon Wilson via users skrev den 2024-07-03 14:56:
> Do I also need to disable the normal SA DKIM plugin evaluation, i.e.
> trusting my upstream authres_trusted_authserv only?
both works in paralel, so no need to disable, best results came from
both enabled
its up to you to ad
On 03.07.24 23:54, Simon Wilson via users wrote:
>Simon Wilson via users skrev den 2024-07-03 14:56:
>> Do I also need to disable the normal SA DKIM plugin evaluation, i.e.
>> trusting my upstream authres_trusted_authserv only?
>
>both works in paralel, so no need to disab
Simon Wilson via users skrev den 2024-07-03 14:56:
> Do I also need to disable the normal SA DKIM plugin evaluation, i.e.
> trusting my upstream authres_trusted_authserv only?
both works in paralel, so no need to disable, best results came from
both enabled
its up to you to ad
Simon Wilson via users skrev den 2024-07-03 14:13:
> I don't think SA 3.4.6 on RH8 has AuthRes plugin:
take it from spamassassin trunc, this plugin works on 3.4.6 aswell, but
was not released or tested on it, i have verify it does work
#!/bin/sh
svn checkout http://svn.apache.org/r
On Wednesday, July 03, 2024 22:06 AEST, "Simon Wilson via users"
wrote:
Dave Funk skrev den 2024-07-03 09:29:
> On Wed, 3 Jul 2024, Simon Wilson via users wrote:
> You say "passing SPF and DKIM" however in the SA rules report it
> clearly says:
> D
Dave Funk skrev den 2024-07-03 09:29:
> On Wed, 3 Jul 2024, Simon Wilson via users wrote:
> You say "passing SPF and DKIM" however in the SA rules report it
> clearly says:
> DKIM_SIGNED=0.1, DKIM_INVALID=0.1
>
> So eventho you think 'passed DKIM' SA c
On Wed, 3 Jul 2024, Simon Wilson via users wrote:
> Does whitelist_auth work on From header, or Return-Path? Reason I ask:
>
>
>
> I have two emails from “support .at. wasabi.com”. Due to their emails usually
> triggering KAM rules I have (in
> /etc/mail/
Running SA 3.4.6 on RH8.
Does whitelist_auth work on From header, or Return-Path? Reason I ask:
I have two emails from “support .at. wasabi.com”. Due to their emails usually
triggering KAM rules I have (in /etc/mail/spamassassin/local.cf):
## Whitelist Wasabi, subject to passing of auth
wh
On Thursday, June 22, 2023 23:05 AEST, Bill Cole
wrote:
On 2023-06-22 at 06:29:53 UTC-0400 (Thu, 22 Jun 2023 20:29:53 +1000)
Simon Wilson via users
is rumored to have said:
> I find most DMARC reports I receive are flagged as spam by SA.
>
> How do people work around this? I&#
On Thursday, June 22, 2023 20:37 AEST, Damian wrote:
I find most DMARC reports I receive are flagged as spam by SA.> Which
submitters? I looked at a bunch of my reports and they are all MIME_GOOD.
That one was from microsoft.
--
Simon Wilson
M: 0400 121 116
_DIFF=0.79,
PYZOR_CHECK=1.392, RCVD_IN_DNSWL_NONE=-0.0001,
RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001,
T_SCC_BODY_TEXT_LINE=-0.01, T_TVD_MIME_NO_HEADERS=0.01]
--
Simon Wilson
M: 0400 121 116
is rule is triggering a lot on emails which are not Spam,
reducing score from 2.497
score SHOPIFY_IMG_NOT_RCVD_SFY1.8
Simon
--
Simon Wilson
M: 0400 12 11 16
- Message from Jared Hall -
Date: Fri, 23 Jul 2021 00:07:52 -0400
From: Jared Hall
Subject: CHAOS: v1.2.2: Of Documentation
To: users@spamassassin.apache.org
Simon Wilson wrote:
could you, please, finally, describe what does this module do,
here to the list and/or to
art with the easy parts and follow with those more
compliated functionality, because I feel the description starts with
thelatter.
I'm guessing from the silence in response that this will remain a mystery.
Simon.
___
Simon Wilson
M: 0400 12 11 16
result by applying the check_host() function to the "MAIL FROM"
identity as the .
A HELO SPF check is most certainly not a "fall-back".
Whether the SPF checking tool used follows the RFC is another matter
entirely :-)
Simon.
--
Simon Wilson
M: 0400 12 11 16
INBOUND
--
Simon Wilson
M: 0400 12 11 16
> On Mon, Apr 19, 2021 at 10:05:21PM +1000, Simon Wilson wrote:
rather than change the channel distributed KAM.cf, what needs to go in
local.cf to tell that not to run? *CAN* it be disabled from local.cf, or can
it only be done by commenting out the entry in KAM.cf?
It would not make any se
e relevant milters have run and added
trusted headers on inbound email.
Simon.
--
Simon Wilson
M: 0400 12 11 16
TY_RPBL net publish
reuse RCVD_IN_VALIDITY_RPBL RCVD_IN_RP_RNBL
...is the correct way to disable it:
local.cf: score RCVD_IN_VALIDITY_RPBL 0
?
Simon
--
Simon Wilson
M: 0400 12 11 16
- Message from Henrik K -
Date: Mon, 19 Apr 2021 17:11:41 +0300
From: Henrik K
Reply-To: users@spamassassin.apache.org
Subject: Re: KAM_DMARC_REJECT on internal emails
To: users@spamassassin.apache.org
On Mon, Apr 19, 2021 at 10:05:21PM +1000, Simon Wilson wrote
pamassassin ?, it have to know all wan ips for your own server /
servers
Yes, my trusted_networks, internal_networks and msa_networks are all
set correctly... I had a long discussion with this mailing list on the
subject last year and got excellent help on resolving that! :)
- End me
- Message from RW -
Date: Mon, 19 Apr 2021 12:47:02 +0100
From: RW
Subject: Re: KAM_DMARC_REJECT on internal emails
To: users@spamassassin.apache.org
On Mon, 19 Apr 2021 16:36:58 +1000
Simon Wilson wrote:
Hi list,
- I'm running KAM rules in Spamassassin
- Po
I'd say that a proper solution would be to DKIM-sign mail before it's
spam-scanned.
On 19.04.21 19:39, Simon Wilson wrote:
Good point. If DKIM is signed it should pass DMARC, even if SPF fails.
Amavisd handles both pieces, including DKIM signing... from looking
at the headers it
On 19.04.21 16:36, Simon Wilson wrote:
- I'm running KAM rules in Spamassassin
- Postfix port 587-submitted email is sent to Amavisd (as a
content_filter) on port 10026 (tagged as ORIGINATING/MYNETS) and is
spam-checked and DKIM-signed on its way out the door, sent back to
Postfix at
_50 results.
sa-learn advises tokens learned, but it still seems to struggle with
these. Other than that my Bayes is excellent, very effective and
accurate.
Any advice would be appreciated.
Simon.
--
Simon Wilson
M: 0400 12 11 16
like every inbound email.
From what I can see it's a genuine blocklist lookup by SA...
(RCVD_IN_RP_RNBL in 20_dnsbl_tests.cf) but the error rate is strange.
Am I the only one with high volume of lookup errors from that bl? :-)
or do I need to be looking for an issue locally...
Simon.
--
- Message from Bill Cole
-
Date: Sun, 04 Apr 2021 15:16:32 -0400
From: Bill Cole
Subject: Re: Update SA on CentOS
To: users@spamassassin.apache.org
On 4 Apr 2021, at 0:19, Simon Wilson wrote:
CentOS / RHEL backport critical security fixes into the stock
versions
- Message from Amir Caspi -
Date: Sat, 3 Apr 2021 22:06:03 -0600
From: Amir Caspi
Subject: Re: Update SA on CentOS
To: si...@simonandkate.net
Cc: users@spamassassin.apache.org
On Apr 3, 2021, at 9:15 PM, Simon Wilson wrote:
And then you are not stepping away
ation (and teaching it when it
fails to get it right) resulted in excellent spam prevention on CentOS
7 with its standard packaged SA. And then you are not stepping away
from one of CentOS's main advantages - stable packages not built
outside of RPM.
Simon
--
Simon Wilson
M: 0400 12 11 16
ernal by a properly configured SpamAssassin, please open a bug
report.
Yep, been through all of that with making sure SA knows what is
internal and external, and what it can trust and not. No issues there.
Simon
--
Simon Wilson
M: 0400 12 11 16
Does SA always do its "own" DKIM check, or can it be told to use an
already written trusted AuthservId-written Authentication-Results
header, e.g. from OpenDKIM?
Thanks
--
Simon Wilson
M: 0400 12 11 16
d rules, but what is best practice for
using DMARC results in Spamassassin?
Simon
--
Simon Wilson
M: 0400 12 11 16
ng a Received-SPF filter using
python-policyd-spf (called as last check in
smtpd_recipient_restrictions), so yes it would make sense for
spamassassin to trust the check already made - I'll see if I can work
out how to do that.
Simon.
--
Simon Wilson
M: 0400 12 11 16
al_txrep (277) 0.69% 10433.00 5.00
11.00 17.00 21.00 24.00 35.80786.00
tests_pri_1000 (277) 0.62% 9397.00 6.00
10.00 15.00 19.00 21.00 30.20 621.00
--
Simon Wilson
M: 0400 12 11 16
as Intended (TM). I've not set txrep_autolearn on yet, will
monitor for a while.
Simon
On Sun, Mar 21, 2021 at 3:04 AM Simon Wilson wrote:
- Message from John Hardin -
Date: Sat, 20 Mar 2021 08:08:17 -0700 (PDT)
From: John Hardin
Subject: Re: AWL on
- Message from John Hardin -
Date: Sat, 20 Mar 2021 08:08:17 -0700 (PDT)
From: John Hardin
Subject: Re: AWL on 3.4
To: users@spamassassin.apache.org
On Sun, 21 Mar 2021, Simon Wilson wrote:
I've just migrated and updated to SA 3.4, and have moved the Bayes
it goes, but am
interested in comments on its usefulness?
Simon
--
Simon Wilson
M: 0400 12 11 16
"
You've not stated your OS but on a RHEL/CentOS 7 box the correct way
to remove is to go to /etc/mail/spamassassin/channel.d and delete
sought.conf.
--
Simon Wilson
M: 0400 12 11 16
..
I now have the following in local.cf and it seems to be working OK,
but I'll keep an eye on it.
trusted_networks 192.168.1. 119.18.34.29
internal_networks 192.168.1. 119.18.34.29
msa_networks 192.168.1.230
score ALL_TRUSTED -1.4
Thanks again.
--
Simon Wilson
M: 0400 12 11 16
Quoting Bill Cole :
On 16 Oct 2019, at 7:55, Simon Wilson wrote:
Quoting Tom Hendrikx :
[...]
RDNS_DYNAMIC tries to exclude authenticated email. Are you
accepting email from senders without authentication? Or maybe your
trusted_networks/internal_networks are misconfigured, so the
Quoting Simon Wilson :
Quoting Tom Hendrikx :
On 16-10-19 12:19, Simon Wilson wrote:
Hi, I have a Horde system submitting to a
postfix/amavisd-new/spamassassin server for spam detection
(different servers, same subnet). I *do* consciously run SA over
internally submitted emails to catch
Quoting Tom Hendrikx :
On 16-10-19 12:19, Simon Wilson wrote:
Hi, I have a Horde system submitting to a
postfix/amavisd-new/spamassassin server for spam detection
(different servers, same subnet). I *do* consciously run SA over
internally submitted emails to catch compromised accounts (it
boost? Or
anything more scientific??
Simon.
--
Simon Wilson
M: 0400 12 11 16
.
DNSBL:19.192.251.205:zen.spamhaus.org
May 1 14:32:53.113 [21742] dbg: async: timing: 1.524 .
dns:A:67.27.240.54.bl.mailspike.net
May 1 14:32:53.113 [21742] dbg: async: timing: 1.533 .
dns:TXT:67.27.240.54.bl.spamcop.net
--
Simon Wilson
M: 0400 12 11 16
ked it, and it is working fine).
I'll see if I can work out why some DNS checks are taking so long.
Simon
--
Simon Wilson
M: 0400 12 11 16
slower?
Simon
--
Simon Wilson
M: 0400 12 11 16
to all the other patterns that it hits. They are going for people
without decent anti-spam - the ones silly enough to think about
responding to the message.
Maybe I'm crediting too much (or too little? LOL) IQ to the spammers
and to some recipients.
--
Simon Wilson
www.simonandkate.net
s responding if their
emails weren't full of stupid spelling like "suspention", "redice",
etc... Perhaps we should be grateful LOL...
--
Simon Wilson
www.simonandkate.net
55 matches
Mail list logo
