Re: Anyone else just blocking the ".top" TLD?

2016-07-16 Thread jasonsu
On Sat, Jul 16, 2016, at 12:48 PM, Jonathan Nichols wrote:
> I’m just blocking them. .top has been nothing but spam. Looking at my logs,
> .top accounts for over 90% of the rejected email nowadays.

you can of course do what you want, but IMO it bears mention for others' awareness that # B

Re: Anyone else just blocking the ".top" TLD?

2016-07-09 Thread jasonsu
On Sat, Jul 9, 2016, at 08:28 AM, Groach wrote:
> But that said, in fairness, of all the spam we do receive, from what I
> can tell, is already handled and dealt with by the usual DNSBL, SURBLs
> and spamassassin (with SPF and DKIM checking encompassed). I've never
> had to use/block these TLD

Re: Anyone else just blocking the ".top" TLD?

2016-07-09 Thread jasonsu
On Sat, Jul 9, 2016, at 07:52 AM, Groach wrote:
> Our accountants are actually using '.account' TLD and they are a very
> reputable business. A surprise when they changed to it, maybe, but change to
> it they did.

My stats provide all the 'evidence' I need. So far, it seems I'm not auto-blocki

Re: Anyone else just blocking the ".top" TLD?

2016-07-09 Thread jasonsu
On Sat, Jul 9, 2016, at 07:14 AM, Chip M. wrote:
> Thanks for all the lists and references, everyone! :)

Fwiw, atm I block all of the following TLDs accountant, accountants, adult, aero, agency, apartments, app, asia, associates, audio, baby, bargains, bid, bike, bingo, blog, boutique,

Re: Which SA test can detect/score this (fairly common) 'freemail' whack-a-mole?

2016-06-26 Thread jasonsu
On Sun, Jun 26, 2016, at 02:15 AM, Groach wrote:
> Am I right to think this implies that there is a setting or some other
> mechanism that stops rules that have a Zero score from being run in the
> first place? A flag or something? (I ask because I still have Zero score
> rule results run and

Re: Which SA test can detect/score this (fairly common) 'freemail' whack-a-mole?

2016-06-25 Thread jasonsu
Noel On Sat, Jun 25, 2016, at 06:31 PM, Noel Butler wrote: > ignoring the usual trolls Benny and Harry (Reindl) got it > " loadplugin Mail::SpamAssassin::Plugin::FreeMail " is actually loaded? yep > /var/lib/spamassassin/3.004001/updates_spamassassin_org/20_freemail.cf I think that's it.

Re: Which SA test can detect/score this (fairly common) 'freemail' whack-a-mole?

2016-06-25 Thread jasonsu
Huh?

> and its asked why do i get spam with spf softfails

No, I'm not asking about the 'softfail'. At all.

> recipient have wanted that spam

Um, no.

> possible spam that is not spam but relaying fails

Again, huh? I'm asking a simple question -- what SA test detects the multiple freemail b

Re: Which SA test can detect/score this (fairly common) 'freemail' whack-a-mole?

2016-06-25 Thread jasonsu
> https://dane.sys4.de/smtp/gmail.com > https://dane.sys4.de/smtp/yahoo.com > so why not reject softfail based on it ? > oh yahoo client use gmail, hmm :=) > that user should use smtp auth on gmail, not use yahoo smtp servers for > relaying > and note DNSS

Which SA test can detect/score this (fairly common) 'freemail' whack-a-mole?

2016-06-25 Thread jasonsu
An inbound spam was caught by SpamAssassin, flagged with BAYES_50=0.8 DCC_CHECK=1.1 DIGEST_MULTIPLE=0.293 HTML_MESSAGE=0.001 MIME_HTML_MOSTLY=0.428 MISSING_HEADERS=1.021 PYZOR_CHECK=2.5 REPLYTO_WITHOUT_TO_CC=1.552 To get to SA, it sn

Re: Which DNSBLs do you use?

2016-06-16 Thread jasonsu
Fwiw, I've moved the DNSBL issue out of SA and put it 'in front' with Postfix's postscreen. Instead of just *one* DNSBL, which is imo always a risk, I use multiple dnsbls, and weight them in scoring. In my experience, it works fantastically well. A great write up on the approach is here ht

how to write body rules to match 'tortured html' variations of text phrases?

2016-06-15 Thread jasonsu
I've installed SA 3.4.1. I'm writing body rules to deal with some persistent spam I'm getting. plain-text match rules are simple enough. Much of the spam contains 'tortured html'. I just want to get clear about how to correctly match it. For example, here's a body snippet from one of those 't