On 6/29/2015 10:39 AM, Reindl Harald wrote:
tell me one reason why should i waste 1-5 seconds for on some days a
million blocked mails while i can get rid of them in ms?
On 29.06.15 11:00, Ted Mittelstaedt wrote:
Because, it's 1-5 seconds. If it was 1-5 minutes then sure.
million times 1-5
Am 29.06.2015 um 20:00 schrieb Ted Mittelstaedt:
I have users who sometimes want to receive mail from a system in an RBL.
It's their mailbox, they are paying for it. Why should I not let them
do it?
these are corporate customers getting mail from other corporate
customers who are completely cl
On 6/29/2015 10:39 AM, Reindl Harald wrote:
Am 29.06.2015 um 19:28 schrieb Ted Mittelstaedt:
The days of squeezing every last CPU cycle out of something are
long, gone Reindl.
nonsense
I really appreciate that your bound and determined to keep that
80486 server running but nobody else is
Am 29.06.2015 um 19:34 schrieb Ted Mittelstaedt:
My objection isn't to Postfix. My objection is to assuming that
Postfix is the one and only way to do something.
If you have an idea on how to block spam I'm all ears - until your
idea gets positioned as a Postfix-only solution first.
If you c
On 6/29/2015 9:48 AM, Charles Sprickman wrote:
On Jun 29, 2015, at 12:35 PM, Reindl Harald wrote:
Am 29.06.2015 um 18:29 schrieb Ted Mittelstaedt:
Of course, Postfix fixes everything from AIDS to global warming, it's
the greatest MTA ever invented.
for other MTA'S score-bayes RBL handlin
Am 29.06.2015 um 19:28 schrieb Ted Mittelstaedt:
The days of squeezing every last CPU cycle out of something are
long, gone Reindl.
nonsense
I really appreciate that your bound and determined to keep that
80486 server running but nobody else is doing it anymore.
tell me one reason why sho
The days of squeezing every last CPU cycle out of something are
long, gone Reindl.
I really appreciate that your bound and determined to keep that
80486 server running but nobody else is doing it anymore.
Why do you think SA is written in Perl? Of all languages!!!
Sure, let's pick the -slowest
>On Jun 29, 2015, at 12:35 PM, Reindl Harald wrote:
>>
>> Am 29.06.2015 um 18:29 schrieb Ted Mittelstaedt:
>What other free MTA is there that’s in common use? qmail is dead and
>buried. Sendmail and Exim are pretty much niche. What exactly is wrong
>with Postfix?
Nothing. It's very powerful
On Jun 29, 2015, at 12:35 PM, Reindl Harald wrote:
>
> Am 29.06.2015 um 18:29 schrieb Ted Mittelstaedt:
>> Of course, Postfix fixes everything from AIDS to global warming, it's
>> the greatest MTA ever invented.
>
> for other MTA'S score-bayes RBL handling on MTA level exists too in form of
>
and here you go, so the next time before you answer with foam in front
of your mouth and don't get what "something like Postscreen" means
educate yourself!
http://blog.schalanda.name/archives/118-Exim-4-and-policyd-weight.html/
Am 29.06.2015 um 18:35 schrieb Reindl Harald:
Am 29.06.2015 um 1
Am 29.06.2015 um 18:29 schrieb Ted Mittelstaedt:
Of course, Postfix fixes everything from AIDS to global warming, it's
the greatest MTA ever invented.
for other MTA'S score-bayes RBL handling on MTA level exists too in form
of policy daemons
Exactly the kind of thing I would expect from
Of course, Postfix fixes everything from AIDS to global warming, it's
the greatest MTA ever invented.
Exactly the kind of thing I would expect from you. Haven't you worn
out that Postfix drum your banging yet?
Ted
On 6/27/2015 3:04 AM, Reindl Harald wrote:
Am 27.06.2015 um 10:18 schrieb M
On Friday 26 June 2015 17.40.04 Ted Mittelstaedt wrote:
But, putting RBL checks into the MTA is the best way I know to piss off
your users since tag-and-forward is not an option on MTA rbl checking.
That's why we all do our RBL checks in spamassassin.
On 27.06.15 10:18, Martin S wrote:
Could y
Hi,
blacklist_from *@*.allisonarctictrips.com
spf-pass take responselily
Yes, after it's received, there are a ton of things that could be done
to block it (including my local RBL). I was hoping for something
preventative.
Eh? I'm afraid I don't get this at all - greylisting and RBL check
Am 27.06.2015 um 10:18 schrieb Martin S:
On Friday 26 June 2015 17.40.04 Ted Mittelstaedt wrote:
But, putting RBL checks into the MTA is the best way I know to piss off
your users since tag-and-forward is not an option on MTA rbl checking.
That's why we all do our RBL checks in spamassassin.
On Friday 26 June 2015 17.40.04 Ted Mittelstaedt wrote:
> But, putting RBL checks into the MTA is the best way I know to piss off
> your users since tag-and-forward is not an option on MTA rbl checking.
> That's why we all do our RBL checks in spamassassin.
Could you elaborate on this? I'm "new"
On 6/26/2015 10:53 AM, Dave Wreski wrote:
On 06/26/2015 12:45 PM, Benny Pedersen wrote:
Alex Regan skrev den 2015-06-26 18:33:
http://pastebin.com/FzUkEvRp
blacklist_from *@*.allisonarctictrips.com
spf-pass take responselily
Yes, after it's received, there are a ton of things that cou
On June 26, 2015 8:00:22 PM Dave Wreski wrote:
On 06/26/2015 12:45 PM, Benny Pedersen wrote:
> Alex Regan skrev den 2015-06-26 18:33:
>
>> http://pastebin.com/FzUkEvRp
>
> blacklist_from *@*.allisonarctictrips.com
>
> spf-pass take responselily
Yes, after it's received, there are a ton of th
On 06/26/2015 12:45 PM, Benny Pedersen wrote:
Alex Regan skrev den 2015-06-26 18:33:
http://pastebin.com/FzUkEvRp
blacklist_from *@*.allisonarctictrips.com
spf-pass take responselily
Yes, after it's received, there are a ton of things that could be done
to block it (including my local R
On 26 Jun 2015, at 12:33, Alex Regan wrote:
Hi,
I have one system with greylisting enabled and another that hasn't yet
been enabled. On the system without it, I'm receiving a ton of random
spam that hits bayes99 but pretty much nothing else.
http://pastebin.com/FzUkEvRp
It all seems to be
>From: Benny Pedersen
Sent: Friday, June 26, 2015 11:45 AM
>To: users@spamassassin.apache.org
>Subject: Re: Rules needed...
>Alex Regan skrev den 2015-06-26 18:33:
>> http://pastebin.com/FzUkEvRp
>blacklist_from *@*.allisonarctictrips.com
>spf-pass take responselily
Are you running a centralized Bayes with some honeypot addresses feeding
it?
A search of your messages log should give you plenty of bogus email
addresses that the botnet has been probing for on your system. Pick
some of the obvious ones and set them up as feeders to Bays and that
should take
Alex Regan skrev den 2015-06-26 18:33:
http://pastebin.com/FzUkEvRp
blacklist_from *@*.allisonarctictrips.com
spf-pass take responselily
Yep, you are damn right. I work in a company where I maintain a list for
canadian banks and more. It's a pain, but it's effective.
Should a few responsible of us contribute, it would greatly help.
Alex, from osmose.
Bow before me, for I am root.
On 12-08-24 02:03 PM, Matt Garretson wrote:
> In
In my experience, banks and financial institutions tend to be among the
worst offenders against sane bulk mailing practices. SPF or DKIM will
be broken or inconsistently applied, and sender/relay domains seem to
vary with the weather. I think it will be tough to nail down all the
valid domains a
That's my opinion too.
Therefor the community will have to contribute to the list of which
domain to add or not.
Alex, from osmose.
Bow before me, for I am root.
On 12-08-23 07:20 PM, Jason Haar wrote:
> Great idea - but don't under-estimate the amount of work. Someone
> thought there'd be "onl
Great idea - but don't under-estimate the amount of work. Someone
thought there'd be "only" 20-30 domains to be covered - but I'd say
that's actually 20-30 domains PER COUNTRY.
Here in New Zealand we get a lot of phishing attacks using New Zealand
banks - just like you get spam referring to your o
On 23/08/12 18:18, Marc Perkel wrote:
Let's take wellsfargo.com (Wells Fargo Bank) as an example.
If the FCrDNS of the connecting server is *.wellsfargo.com it is ham.
If wellsfargo.com is in the received lines and not forged it is ham.
If wellsfargo.com is in the received headers and it is forg
Let's take wellsfargo.com (Wells Fargo Bank) as an example.
If the FCrDNS of the connecting server is *.wellsfargo.com it is ham.
If wellsfargo.com is in the received lines and not forged it is ham.
If wellsfargo.com is in the received headers and it is forged it is spam.
If wellsfargo.com is in
> I guess what we are looking for is a plugin that can take a list of
> commonly abused domains known to have valid SPF records or valid DKIM
> signatures, and to be able to apply a (stronger) score to those messages
> that fail the SPF and/or DKIM test.
Several common domains that do provide a
I think the idea has merit. Can you open a bug in bugzilla, please? My
goals are to get some more polish on masscheck and put out a 3.4.0 rc1
and deal with the 3.4.X infrastructure changes. After that I'll offer
to work with you on this if no one steps up by then.
regards,
KAM
On 23/08/12 12:08, RW wrote:
On Thu, 23 Aug 2012 01:33:56 +0100
Ned Slider wrote:
# Fedex
header __LOCAL_FROM_FEDEX Return-Path:addr
=~ /\@fedex\.com$/i meta
LOCAL_SPF_FEDEX ((SPF_SOFTFAIL || SPF_FAIL)&&
__LOCAL_FROM_FEDEX) describeLOCAL_SPF_FEDEX
Fedex SPF Fail
and i
On 23/08/12 04:31, Kevin A. McGrail wrote:
On 8/22/2012 8:33 PM, Ned Slider wrote:
So if I hit all mail claiming to be sent from fedex.com that fails SPF
I can easily weed out all the fakes:
# Fedex
header __LOCAL_FROM_FEDEX Return-Path:addr =~ /\@fedex\.com$/i
meta LOCAL_SPF_FEDEX ((SPF_SOFTFA
Well i can help with a plugin to automate things but i can only automate
something once it is done a few times. Have you written the rules you think
will help for say two of the domain's?
Have you collected example ham and spam?
You have a good idea but without specifics, i don't know the patter
On Thu, 23 Aug 2012 01:33:56 +0100
Ned Slider wrote:
> # Fedex
> header__LOCAL_FROM_FEDEX Return-Path:addr
> =~ /\@fedex\.com$/i meta
> LOCAL_SPF_FEDEX ((SPF_SOFTFAIL || SPF_FAIL) &&
> __LOCAL_FROM_FEDEX) describe LOCAL_SPF_FEDEX
> Fedex SPF Fail
>
> and if I w
On 8/22/2012 8:31 PM, Kevin A. McGrail wrote:
On 8/22/2012 8:33 PM, Ned Slider wrote:
So if I hit all mail claiming to be sent from fedex.com that fails
SPF I can easily weed out all the fakes:
# Fedex
header__LOCAL_FROM_FEDEXReturn-Path:addr =~ /\@fedex\.com$/i
metaLOCAL_
On 8/22/2012 8:33 PM, Ned Slider wrote:
So if I hit all mail claiming to be sent from fedex.com that fails SPF
I can easily weed out all the fakes:
# Fedex
header__LOCAL_FROM_FEDEXReturn-Path:addr =~ /\@fedex\.com$/i
metaLOCAL_SPF_FEDEX((SPF_SOFTFAIL || SPF_FAIL) &&
On Thu, 23 Aug 2012, Ned Slider wrote:
So if I hit all mail claiming to be sent from fedex.com that fails SPF I
can easily weed out all the fakes:
# Fedex
header __LOCAL_FROM_FEDEX Return-Path:addr =~ /\@fedex\.com$/i
metaLOCAL_SPF_FEDEX ((SPF_SOFTFAIL || SPF_
On 23/08/12 00:07, RW wrote:
On Wed, 22 Aug 2012 17:40:23 +0100
Ned Slider wrote:
On 22/08/12 16:22, Marc Perkel wrote:
I'd like to make a suggestion as to how to block a lot of fraud.
This would involve making a list of domains similar to the
successful freemail list plugin. The idea is to bl
RW writes:
> My bank outsources it's email to a email marketing company. I think
> this sort of thing is quite common. The received header has nothing to
> do with the the bank. It passes spf, but the domain is not one it
> uses for anything else.
I think the point is that if we know that bank
On Wed, 22 Aug 2012 17:40:23 +0100
Ned Slider wrote:
> On 22/08/12 16:22, Marc Perkel wrote:
> > I'd like to make a suggestion as to how to block a lot of fraud.
> > This would involve making a list of domains similar to the
> > successful freemail list plugin. The idea is to block email that
> >
On 22/08/12 16:22, Marc Perkel wrote:
I'd like to make a suggestion as to how to block a lot of fraud. This
would involve making a list of domains similar to the successful
freemail list plugin. The idea is to block email that spoofs major
institutions such as banks, credit cards, ebay, and other
42 matches
Mail list logo
