On Thu, 21 Jan 2010, Mike Cardwell wrote:
RCVD_ILLEGAL_IP is currently ranking 289th in my SpamAssassin rule statistics
having triggered on only 79 out of the last 66657 emails. Is such an
infrequently triggering rule worth having a dedicated DNS based lookup
system?
This is likely because i
On 21/01/2010 11:59, Per Jessen wrote:
DNS checks would be overkill for a list that doesn't change that
often.
Overkill yes, but "affordable", especially with results being cached.
Personally I would favor DNS for data that _does_ change, even if
only very rarely.
It just doesn't make sense.
On Thu, Jan 21, 2010 at 12:59:49PM +0100, Per Jessen wrote:
> Henrik K wrote:
>
> > On Thu, Jan 21, 2010 at 11:59:25AM +0100, Per Jessen wrote:
> >> Henrik K wrote:
> >>
> >> > On Wed, Jan 20, 2010 at 04:16:29PM +1000, Res wrote:
> >> >> On Wed, 20 Jan 2010, Henrik K wrote:
> >> >>
> >> >>
Henrik K wrote:
> On Thu, Jan 21, 2010 at 11:59:25AM +0100, Per Jessen wrote:
>> Henrik K wrote:
>>
>> > On Wed, Jan 20, 2010 at 04:16:29PM +1000, Res wrote:
>> >> On Wed, 20 Jan 2010, Henrik K wrote:
>> >>
>> >> (?:[01257]|(?!127.0.0.)127|22[3-9]|2[3-9]\d|[12]\d{3,}
>> [3-9]\d\d+)\.\
On Thu, Jan 21, 2010 at 11:59:25AM +0100, Per Jessen wrote:
> Henrik K wrote:
>
> > On Wed, Jan 20, 2010 at 04:16:29PM +1000, Res wrote:
> >> On Wed, 20 Jan 2010, Henrik K wrote:
> >>
> >> (?:[01257]|(?!127.0.0.)127|22[3-9]|2[3-9]\d|[12]\d{3,}
> [3-9]\d\d+)\.\d+\.\d+\.\d+
> >
> >>>
Henrik K wrote:
> On Wed, Jan 20, 2010 at 04:16:29PM +1000, Res wrote:
>> On Wed, 20 Jan 2010, Henrik K wrote:
>>
>> (?:[01257]|(?!127.0.0.)127|22[3-9]|2[3-9]\d|[12]\d{3,}
[3-9]\d\d+)\.\d+\.\d+\.\d+
>
> Thats crazy! It's wrong since 1/8 is now allocated, it also does
> not
On Wed, 20 Jan 2010, Henrik K wrote:
DNS checks would be overkill for a list that doesn't change that often.
http://www.team-cymru.org/Services/Bogons/ has good info,
Yes agreed, we have used Robs templates for a long time :)
--
Res
"What does Windows have that Linux doesn't?" - One hell o
On Wed, Jan 20, 2010 at 04:16:29PM +1000, Res wrote:
> On Wed, 20 Jan 2010, Henrik K wrote:
>
>
> (?:[01257]|(?!127.0.0.)127|22[3-9]|2[3-9]\d|[12]\d{3,}|[3-9]\d\d+)\.\d+\.\d+\.\d+
Thats crazy! It's wrong since 1/8 is now allocated, it also does not
detect most other
On Wed, 20 Jan 2010, Henrik K wrote:
(?:[01257]|(?!127.0.0.)127|22[3-9]|2[3-9]\d|[12]\d{3,}|[3-9]\d\d+)\.\d+\.\d+\.\d+
Thats crazy! It's wrong since 1/8 is now allocated, it also does not
detect most other bogon ranges, What is the point of this...
Another rule I now need to disable.
On Tue, Jan 19, 2010 at 08:00:46PM -0800, John Hardin wrote:
> On Wed, 20 Jan 2010, Res wrote:
>
>> On Wed, 20 Jan 2010, RW wrote:
>>
>>> It appears to be just a regular expression:
>>
>>> sub check_for_illegal_ip {
>>> my ($self, $pms) = @_;
>>>
>>> foreach my $rcvd ( @{$pms->{relays_untrust
On Wed, 20 Jan 2010, Res wrote:
On Wed, 20 Jan 2010, RW wrote:
It appears to be just a regular expression:
sub check_for_illegal_ip {
my ($self, $pms) = @_;
foreach my $rcvd ( @{$pms->{relays_untrusted}} ) {
# (note this might miss some hits if the Received.pm skips any
invalid
On Wed, 20 Jan 2010, RW wrote:
It appears to be just a regular expression:
sub check_for_illegal_ip {
my ($self, $pms) = @_;
foreach my $rcvd ( @{$pms->{relays_untrusted}} ) {
# (note this might miss some hits if the Received.pm skips any
invalid IPs) foreach my $check ( $rcvd->{ip},
On Wed, 20 Jan 2010 10:19:14 +1000 (EST)
Res wrote:
> Greetings,
>
> Can anyone tell me how the bogon list in this rule is updated?
> Does it query a live bogon DNS server? The wiki does not explain or
> say much at all about it.
>
> Thanks
>
It appears to be just a regular expression:
sub c
Greetings,
Can anyone tell me how the bogon list in this rule is updated?
Does it query a live bogon DNS server? The wiki does not explain or say
much at all about it.
Thanks
--
Res
"What does Windows have that Linux doesn't?" - One hell of a lot of bugs!
On Wed, 13 Aug 2008, Theo Van Dinter wrote:
On Wed, Aug 13, 2008 at 03:33:56PM -0700, SM wrote:
They are not the only ones using these IP addresses for internal
use. It will be interesting to see what happens when these IP
addresses are assigned.
Reminds me of a time where I ran into a compa
On Wed, Aug 13, 2008 at 03:33:56PM -0700, SM wrote:
> They are not the only ones using these IP addresses for internal
> use. It will be interesting to see what happens when these IP
> addresses are assigned.
Reminds me of a time where I ran into a company who internally were
using long-time pu
At 14:37 13-08-2008, jdow wrote:
What the heck is Consumers Energy doing using a reserved IP address?
They are not the only ones using these IP addresses for internal
use. It will be interesting to see what happens when these IP
addresses are assigned.
Regards,
-sm
From: "Bowie Bailey" <[EMAIL PROTECTED]>
Sent: Wednesday, 2008, August 13 12:58
Brian Martinez wrote:
I'm guessing the IP address in question is: 1.226.208.65
While it certainly is not within a range I see all that often, I am
assured by our hostmaster that it is legit. Another one I've see
Folks,
Thanks for your responses thus-far. It seems that my head is floating in
the clouds today and I appear to be dreaming half of this situation. A
couple of months ago, as I said, our network admin pointed out this
problem to me. I can no longer find the email he sent me where he stated
ts on searching ARIN's WHOIS database.
> -Original Message-
> From: Brian Martinez [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, August 13, 2008 9:22 PM
> To: users@spamassassin.apache.org
> Subject: RCVD_ILLEGAL_IP question(s)
>
> Howdy folks,
>
> I'm expe
Brian Martinez wrote:
>
> I'm guessing the IP address in question is: 1.226.208.65
>
> While it certainly is not within a range I see all that often, I am
> assured by our hostmaster that it is legit. Another one I've seen is
> 1.226.208.61
As far as I can tell, that IP address is invalid. It
Howdy folks,
I'm experiencing a problem with some people (myself included) who are not
properly receiving their Consumer's Energy bills. Rather, the bills are
being marked as spam and sent into their SPAM folders. One of the two
things being marked by the Spam-Report are RCVD_ILLEGAL_IP
I
22 matches
Mail list logo
