On Thu, 01 Aug 2013 19:08:12 +0200
Benny Pedersen wrote:
> RW skrev den 2013-08-01 18:00:
>
> > If you use /32 and the sender has a different IP address each time
> > there's no score averaging.
>
> servers changeing sender ip daily ?, its not a real problem clients
> does, there would be one
RW skrev den 2013-08-01 18:00:
If you use /32 and the sender has a different IP address each time
there's no score averaging.
servers changeing sender ip daily ?, its not a real problem clients
does, there would be one static ip first
On Thu, 01 Aug 2013 16:36:22 +0200
Benny Pedersen wrote:
> RW skrev den 2013-08-01 14:39:
>
> > This would make sense if the IP address were the the first trusted
> > address or last external, but AWL uses the first routable address
> > which
> > is commonly dynamic.
>
> why is this in error ?
RW skrev den 2013-08-01 14:39:
This would make sense if the IP address were the the first trusted
address or last external, but AWL uses the first routable address
which
is commonly dynamic.
why is this in error ?
On Thu, 01 Aug 2013 12:34:26 +0200
Benny Pedersen wrote:
> Jari Fredriksson skrev den 2013-07-31 22:04:
> > AWL plugin does it anyway, if enabled. But it does not use any
> > external
> > backlists for it...
>
> if its runs with default /16 is just a joke
>
> change it to /24 or /32 then its m
On Aug 1, 2013, at 12:44 PM, Benny Pedersen wrote:
> Franck Martin skrev den 2013-07-31 23:06:
>
>> Now as we move to IPv6, reputation will shift from an IP based type
>> reputation, to a domain based type reputation. Unfortunately, spam
>> assassin seems to be lacking some rules.
>
> still mi
Franck Martin skrev den 2013-07-31 23:06:
Why would they use a forged domain which is on a blacklist? I think
they would tend to use a domain which is well known with good
reputation. As well known domains are getting protected, then they
have to move to use their own domain, which happens to ap
Jari Fredriksson skrev den 2013-07-31 22:04:
31.07.2013 21:05, Franck Martin kirjoitti:
Ah yes, I saw these rules, but this is to check the domains of urls
in
the messages, not to check for instance that the domain used in the
From: header is on the DBL.
Address in From: is usually always forge
On Jul 31, 2013, at 11:19 PM, RGB Camera
mailto:zauschne...@gmail.com>>
wrote:
On Wed, Jul 31, 2013 at 2:06 PM, Franck Martin
mailto:fmar...@linkedin.com>> wrote:
On Jul 31, 2013, at 10:08 PM, Kevin Miller
mailto:kevin_mil...@ci.juneau.ak.us>> wrote:
> Problem is, the from adddress is oft
Sent: Wednesday, July 31, 2013 1:06 PM
To: Kevin Miller
Cc: Ralf Hildebrandt;
Subject: Re: Creating new rules
On Jul 31, 2013, at 10:08 PM, Kevin Miller wrote:
> Problem is, the from adddress is often a "Joe job" - i.e., a forged address,
> so the domain mentioned there li
On Wed, Jul 31, 2013 at 2:06 PM, Franck Martin wrote:
>
> On Jul 31, 2013, at 10:08 PM, Kevin Miller
> wrote:
>
> > Problem is, the from adddress is often a "Joe job" - i.e., a forged
> address, so the domain mentioned there likely doesn't have anything to do
> with the actual source of the mail
On Jul 31, 2013, at 10:08 PM, Kevin Miller wrote:
> Problem is, the from adddress is often a "Joe job" - i.e., a forged address,
> so the domain mentioned there likely doesn't have anything to do with the
> actual source of the mail. It seems to me that if the domain isn't the
> actual sourc
o be filtering on it, particularly if Bayes
is learning from it or your MTA auto-reports it to RBLs.
YMMV...
...Kevin
From: Franck Martin [fmar...@linkedin.com]
Sent: Wednesday, July 31, 2013 10:05 AM
To: Ralf Hildebrandt
Cc:
Subject: Re: Creating new rules
31.07.2013 21:05, Franck Martin kirjoitti:
> Ah yes, I saw these rules, but this is to check the domains of urls in the
> messages, not to check for instance that the domain used in the From: header
> is on the DBL.
Address in From: is usually always forged in Spam nowadays. There is not
much use
31.07.2013 21:05, Franck Martin kirjoitti:
> On Jul 31, 2013, at 7:56 PM, Ralf Hildebrandt
> wrote:
>
>> * Franck Martin :
>>
>>> I looked at http://spamassassin.apache.org/tests_3_3_x.html could not find
>>> any rule that do the above. Please help.
>> That's a bit odd. I found it being mentione
On Jul 31, 2013, at 7:56 PM, Ralf Hildebrandt
wrote:
> * Franck Martin :
>
>> I looked at http://spamassassin.apache.org/tests_3_3_x.html could not find
>> any rule that do the above. Please help.
>
> That's a bit odd. I found it being mentioned here:
>
> http://www.spamhaus.org/faq/section
* Franck Martin :
> I looked at http://spamassassin.apache.org/tests_3_3_x.html could not find
> any rule that do the above. Please help.
That's a bit odd. I found it being mentioned here:
http://www.spamhaus.org/faq/section/Spamhaus%20DBL#287
http://spamassassin.1065346.n5.nabble.com/enabling-
On Jul 31, 2013, at 7:43 PM, Jari Fredriksson wrote:
> 31.07.2013 20:08, Franck Martin kirjoitti:
>> Hi all,
>>
>> I noticed there is no rules to check if the domain in various emails fields
>> are on blocking lists like DBL at spamhaus. I'm willing to work on some of
>> these rules, but I wo
31.07.2013 20:08, Franck Martin kirjoitti:
> Hi all,
>
> I noticed there is no rules to check if the domain in various emails fields
> are on blocking lists like DBL at spamhaus. I'm willing to work on some of
> these rules, but I would appreciate any advice to bootstrap the process. If
> you ca
Hi all,
I noticed there is no rules to check if the domain in various emails fields are
on blocking lists like DBL at spamhaus. I'm willing to work on some of these
rules, but I would appreciate any advice to bootstrap the process. If you can
reference documents or say something like, look at t
All the emails have a common pattern (HTML_LINK + JUNK_TEXT):
meta on info tld && !user_in_whitelist_from_spf
train bayes, adjust autolearnthreshold to less then default -0.2
why have none devs maked a policyd that make sure sender is known to the
recipient ?, (i got a new email address blocki
On 07/05/11 19:38, Andrea Gozzi wrote:
Hi guys.
I need some help in setting up effective rules to counter a spam wave that
has been hitting my server lately.
Most of the messages come from hotmail.com accounts and for obvious reasons
I can't block the whole domain.
All the emails have a common pa
Hi guys.
I need some help in setting up effective rules to counter a spam wave that
has been hitting my server lately.
Most of the messages come from hotmail.com accounts and for obvious reasons
I can't block the whole domain.
All the emails have a common pattern (HTML_LINK + JUNK_TEXT):
http://pa
23 matches
Mail list logo
