Re: Whitelist or BAYES?

On 10/1/2024 8:58 AM, Bill Cole wrote: On 2024-09-30 at 16:22:49 UTC-0400 (Mon, 30 Sep 2024 16:22:49 -0400) joe a is rumored to have said: On 9/27/2024 04:05:51, Matus UHLAR - fantomas wrote: On 26.09.24 10:27, joe a wrote: Maybe I should not ask this, but . . .

Re: Whitelist or BAYES?

On 2024-09-30 at 16:22:49 UTC-0400 (Mon, 30 Sep 2024 16:22:49 -0400) joe a is rumored to have said: On 9/27/2024 04:05:51, Matus UHLAR - fantomas wrote: On 26.09.24 10:27, joe a wrote: Maybe I should not ask this, but . . . A relatively innocuous member informational email from a local town

Re: Whitelist or BAYES?

On 9/30/2024 16:22:49, joe a wrote: On 9/27/2024 04:05:51, Matus UHLAR - fantomas wrote: On 26.09.24 10:27, joe a wrote: Maybe I should not ask this, but . . . A relatively innocuous member informational email from a local town Library (monthly) gets marked as spam as shown below. The BAYES_9

Re: Whitelist or BAYES?

On 9/27/2024 04:05:51, Matus UHLAR - fantomas wrote: On 26.09.24 10:27, joe a wrote: Maybe I should not ask this, but . . . A relatively innocuous member informational email from a local town Library (monthly) gets marked as spam as shown below. The BAYES_99 and BAYES_999 values are something

Re: Whitelist or BAYES?

On 26.09.24 10:27, joe a wrote: Maybe I should not ask this, but . . . A relatively innocuous member informational email from a local town Library (monthly) gets marked as spam as shown below. The BAYES_99 and BAYES_999 values are something I am toying with for other reasons. Seems odd these

RE: Whitelist or BAYES?

> --- >If guns kill people, then... > -- pencils miss spel words. > -- cars make people drive drunk. > -- spoons make people fat. > --- :) I wa

RE: Whitelist or BAYES?

> > > So, on the one hand I can add them to whitelist and be done with it, or > > I can add them to missed HAM for re-learning. > > > > Which is the best approach? > > Do both. > You will be always having work. The one's SPAM is the other users delight. I have switched to having frontend serve

Re: Whitelist or BAYES?

On Thu, 26 Sep 2024, joe a wrote: So, on the one hand I can add them to whitelist and be done with it, or I can add them to missed HAM for re-learning. Which is the best approach? Do both. -- John Hardin KA7OHZhttp://www.impsec.org/~jhardin/ jhar...@impsec.org

Re: Whitelist or BAYES?

joe a wrote: Maybe I should not ask this, but . . . A relatively innocuous member informational email from a local town Library (monthly) gets marked as spam as shown below. The BAYES_99 and BAYES_999 values are something I am toying with for other reasons. Seems odd these should hit either o

Re: Whitelist rules should never pass on SPF fail

On 11/05/2024 03:40, Bill Cole wrote: So what? domain owners state hard fail it SHOULD be hard failed, irrespective of if YOU think you know better than THEM or not, if we hardfail we accept the risks that come with it. In practice, there is a prioritizing of whose wishes I prioritize on the

Re: Whitelist rules should never pass on SPF fail

On 2024-05-09 at 17:21:07 UTC-0400 (Fri, 10 May 2024 07:21:07 +1000) Noel Butler is rumored to have said: > So what? domain owners state hard fail it SHOULD be hard failed, irrespective > of if YOU think you know better than THEM or not, if we hardfail we accept > the risks that come with it.

Re: Whitelist rules should never pass on SPF fail

On 09/05/2024 22:47, Bill Cole wrote: On 2024-05-09 at 08:37:06 UTC-0400 (Thu, 09 May 2024 14:37:06 +0200) Benny Pedersen is rumored to have said: Bill Cole skrev den 2024-05-09 14:22: In fact, I can't think of any whitelist test that should pass if SPF fails. If you operate on the theory th

Re: Whitelist rules should never pass on SPF fail

On 2024-05-09 at 08:37:06 UTC-0400 (Thu, 09 May 2024 14:37:06 +0200) Benny Pedersen is rumored to have said: Bill Cole skrev den 2024-05-09 14:22: In fact, I can't think of any whitelist test that should pass if SPF fails. If you operate on the theory that a SPF failure is always a sign of

Re: Whitelist rules should never pass on SPF fail

Bill Cole skrev den 2024-05-09 14:22: In fact, I can't think of any whitelist test that should pass if SPF fails. If you operate on the theory that a SPF failure is always a sign of spam, you can make your SpamAssassin always trust SPF failures absolutely. I would not recommend that. Some pe

Re: Whitelist rules should never pass on SPF fail

On 2024-05-08 at 15:53:47 UTC-0400 (Wed, 08 May 2024 16:53:47 -0300) kurt.va1der.ca via users is rumored to have said: I received a (relatively) well crafted Phishing email today. It was clearly a well planned campaign. The Spamassassin score was as follows: X-Spam-Status: No, score=-0.4 r

Re: Whitelist rules should never pass on SPF fail

kurt.va1der.ca via users skrev den 2024-05-08 21:53: I received a (relatively) well crafted Phishing email today. It was clearly a well planned campaign. The Spamassassin score was as follows: X-Spam-Status: No, score=-0.4 required=5.0 tests=GOOG_REDIR_NORDNS=0.001, HTML_FONT_LOW_CONTRAST=

Re: Whitelist rules should never pass on SPF fail

On 09/05/2024 05:57, Jarland Donnell wrote: That's easy though at least. Set the DNSWL rule to 0. I appreciate their effort but it's simply not an accurate way to determine the value of an email in 2024. It's never been the deciding factor between whether or not an email was spam, in any email

Re: Whitelist rules should never pass on SPF fail

Obviously the right way is for the master rules to be adjusted. But if you want a local fix, try something like this: score RCVD_IN_DNSWL_HI -0.001 metaMY_RCVD_IN_DNSWL_HIRCVD_IN_DNSWL_HI && !SPF_FAIL score MY_RCVD_IN_DNSWL_HI-5 describeMY_RCVD_IN_DNSWL_HI

Re: Whitelist rules should never pass on SPF fail

That’s easy though at least. Set the DNSWL rule to 0. I appreciate their effort but it’s simply not an accurate way to determine the value of an email in 2024. It’s never been the deciding factor between whether or not an email was spam, in any email I’ve audited in the last decade. > On Wednes

Re: Whitelist or add negative values for score

On 23.12.22 21:24, Joey J wrote: This is the best I can grab header wise, Names/IP's have changed here to protect privacy. Know the following: The senders real server (1.2.3.4), (1.2.3.4 is the SPF match) sends the mail to the gateway, and the gateway blocked it as shown. Yes, legit going to payp

Re: Whitelist or add negative values for score

Hello All, This is the best I can grab header wise, Names/IP's have changed here to protect privacy. Know the following: The senders real server (1.2.3.4), (1.2.3.4 is the SPF match) sends the mail to the gateway, and the gateway blocked it as shown. Yes, legit going to paypal. Based on your resp

Re: Whitelist or add negative values for score

On Wed, 21 Dec 2022, Joey J wrote: But in better seeing the welcomelist_from_spf option, I think this will be my first try. If you are *really* worried about getting faked mail from that correspondent, you can do something like: whitelist_from_spf j...@company.com blacklist_fro

Re: Whitelist or add negative values for score

On 21.12.22 15:48, Joey J wrote: Thank you for pointing me in the better direction. Since not many people are typing these types of email , I could do the one off rule and it would be manageable. But in better seeing the welcomelist_from_spf option, I think this will be my first try. welcomelis

Re: Whitelist or add negative values for score

Kris & Greg, Thank you for pointing me in the better direction. Since not many people are typing these types of email , I could do the one off rule and it would be manageable. But in better seeing the welcomelist_from_spf option, I think this will be my first try. I appreciate all of your points

Re: Whitelist or add negative values for score

Joey J wrote: Thanks Everyone. Within all of the responses, I will try to reply here. 1. The legit sender will talk about big numbers because of the real things he is involved with so big numbers is still a valid method to score, just not in this case. 2. The SPF record is set to fail on no mat

Re: Whitelist or add negative values for score

The other thing that should be done for j...@company.com is that company.com should sign their mail with DKIM, and then you can welcomelist_from_dkim *@company.com I find that many companies I deal with that produce semi-spammy mail (most big companies :-) have DKIM signatures and I can welcome

Re: Whitelist or add negative values for score

Thanks Everyone. Within all of the responses, I will try to reply here. 1. The legit sender will talk about big numbers because of the real things he is involved with so big numbers is still a valid method to score, just not in this case. 2. The SPF record is set to fail on no match, however this d

Re: Whitelist or add negative values for score

On 2022-12-21 at 12:02:27 UTC-0500 (Wed, 21 Dec 2022 18:02:27 +0100) Matus UHLAR - fantomas is rumored to have said: [...]> > On 21.12.22 11:19, Henrik K wrote: >> It will pass welcomelist_auth, since there is SPF_PASS, which you missed: >> >> SPF_PASS   -0.001 SPF: sender matches SPF

Re: Whitelist or add negative values for score

On 20/12/2022 23:59, Joey J wrote: Thanks to Bill and Matus for your responses. Basically, the client is talking about real money transactions, airplanes, paypal etc, but he is a legit sender with these often flagged topics. Sometimes the message goes through, but by the time you reply 2 or 3

Re: Whitelist or add negative values for score

> DKIM_INVALID 0.1 DKIM or DK signature exists, but is not valid > > DKIM_SIGNED 0.1 Message has a DKIM or DK signature, not > necessarily valid > > HTML_FONT_LOW_CONTRAST 0.001 HTML font color similar or identical to > background > > HTML_MESSAGE0.001 HTML

Re: Whitelist or add negative values for score

On Wed, Dec 21, 2022 at 08:43:18AM +0100, Matus UHLAR - fantomas wrote: > > DKIM_INVALID 0.1 DKIM or DK signature exists, but is not valid > > > > DKIM_SIGNED 0.1 Message has a DKIM or DK signature, not > > necessarily valid > > > > HTML_FONT_LOW_CONTRAST 0.001 HTML fo

Re: Whitelist or add negative values for score

On 20.12.22 18:59, Joey J wrote: Basically, the client is talking about real money transactions, airplanes, paypal etc, but he is a legit sender with these often flagged topics. Sometimes the message goes through, but by the time you reply 2 or 3 times, there are more of the buzz words that SA lo

Re: Whitelist or add negative values for score

Personally I'd look at why BIGNUM_EMAILS_MANY is hitting and see if there is something the sender could do to avoid it. I'm pretty sure I've never seen that rule hit in any of my spam, so it must be something a bit unique. Loren

Re: Whitelist or add negative values for score

Thanks to Bill and Matus for your responses. Basically, the client is talking about real money transactions, airplanes, paypal etc, but he is a legit sender with these often flagged topics. Sometimes the message goes through, but by the time you reply 2 or 3 times, there are more of the buzz words

Re: Whitelist or add negative values for score

On 19.12.22 20:05, Joey J wrote: I'm trying to see if there is a "best way" to provide negative scoring for a certain persons email. As an example if j...@company.com is communicating with paypal or other real banking institutions, then at times within the email chain, SA will tag it as spam. d

Re: Whitelist or add negative values for score

On 2022-12-19 at 21:43:08 UTC-0500 (Mon, 19 Dec 2022 21:43:08 -0500) Joey J is rumored to have said: Thanks, So welcomelist_from_rcvd j...@company.com [1.2.3.4] Is saying if it's received from j...@company.com and the IP combination? And then simply score it welcomelist_from_rcvd score -2 I

Re: Whitelist or add negative values for score

Actually, what would be the format, in respect to header for that rule? so header welcomelist_from_rcvd j...@company.com [1.2.3.4] On Mon, Dec 19, 2022 at 8:39 PM Greg Troxel wrote: > > Joey J writes: > > > I'm trying to see if there is a "best way" to provide negative scoring > for >

Re: Whitelist or add negative values for score

Thanks, So welcomelist_from_rcvd j...@company.com [1.2.3.4] Is saying if it's received from j...@company.com and the IP combination? And then simply score it welcomelist_from_rcvd score -2 I will try that thank you! On Mon, Dec 19, 2022 at 8:39 PM Greg Troxel wrote: > > Joey J writes: > > > I'

Re: Whitelist or add negative values for score

Joey J writes: > I'm trying to see if there is a "best way" to provide negative scoring for > a certain persons email. That's easy. There are many ways, but not best way. > As an example if j...@company.com is communicating with paypal or other real > banking institutions, then at times withi

Re: Whitelist a domain for the URI_HEX check?

On Tue, Dec 17, 2019 at 05:41:53PM +, RW wrote: > On Tue, 17 Dec 2019 12:07:34 -0500 > Sean Hennessey wrote: > > > Is it possible to whitelist a domain for the URI_HEX check like you > > can with the uridnsbl_skip_domain directive? > > No. > > It currently only scores 0.1, which isn't worth

Re: Whitelist a domain for the URI_HEX check?

On Tue, 17 Dec 2019 12:07:34 -0500 Sean Hennessey wrote: > Is it possible to whitelist a domain for the URI_HEX check like you > can with the uridnsbl_skip_domain directive? No. It currently only scores 0.1, which isn't worth the trouble of individual exceptions. If you are seeing anything else

Re: Whitelist rcvd IP

I believe the "whitelist_from_rcvd" option, which is now in SpamAssassin core, functions the same as the old Mail::SpamAssassin::Plugin::WhitelistRcvdIP module, though with a slightly different syntax. If you really want to use it as a blanket whitelist for a certain IP address or range, the firs

Re: Whitelist rcvd IP

On Wed, 12 Jun 2019, Benny Pedersen wrote: Emanuel Gonzalez skrev den 2019-06-12 17:48: I have the need to mark certain IP addresses as secure, only for receiving mail, but I can not find information about it. its trusted_networks That is not whitelisting. That's whether or not a network

Re: Whitelist rcvd IP

On Wed, 12 Jun 2019, Emanuel Gonzalez wrote: Hello, I have the need to mark certain IP addresses as secure, only for receiving mail, but I can not find information about it. In a publication they advise using the module called Mail :: SpamAssassin :: Plugin :: WhitelistRcvdIP but I can not f

Re: Whitelist rcvd IP

Emanuel Gonzalez skrev den 2019-06-12 17:48: I have the need to mark certain IP addresses as secure, only for receiving mail, but I can not find information about it. its trusted_networks In a publication they advise using the module called Mail :: SpamAssassin :: Plugin :: WhitelistRcvdIP

Re: Whitelist IP for SBL check

Yes, I missed it. On Sat, Feb 24, 2018 at 12:49 AM, RW wrote: > On Sat, 24 Feb 2018 00:36:56 +0530 > shridhar shetty wrote: > > > > 'Your local "fix" won't stop a URIBL_SBL hit at the other, rcpt's > > end.' In such case we relay our mails through an external server > > which has clean reputatio

Re: Whitelist IP for SBL check

On Sat, 24 Feb 2018 00:36:56 +0530 shridhar shetty wrote: > 'Your local "fix" won't stop a URIBL_SBL hit at the other, rcpt's > end.' In such case we relay our mails through an external server > which has clean reputation. That way our mails are delivered to the > recipient. That will help with

Re: Whitelist IP for SBL check

Hello Axb, Below are the response to your queries. Why not fix the SBL issue instead of trying to work around it? Fixing the SBL issue is the first thing we do. But it takes some time so we do not want our outbound mail service to be affected due to this. 'Your local "fix" won't stop a URIBL_SBL

Re: Whitelist IP for SBL check

Considering the issue, couldn't you in theory just add "uridnsbl_skip_domain ip.on.blk.lst"? I mean, according to URIBL_SBL, it would be if the IP itself is on the blacklist, so wouldn't skipping the "domain" of a specific IP skip detection? On Fri, Feb 23, 2018 at 4:55 PM, David Jones wrote: >

Re: Whitelist IP for SBL check

On 02/23/2018 03:26 PM, shridhar shetty wrote: Hello, In our infra we use spamassassin to scan our **outgoing** mails too. This is to prevent spammers using our infra to send mails and get our IP's blacklisted. We perform various DNSBL tests on the mail body. One of our IPs got listed in Spamh

Re: Whitelist IP for SBL check

On 02/23/2018 10:46 AM, Axb wrote: On 02/23/2018 04:33 PM, David Jones wrote: On 02/23/2018 08:26 AM, shridhar shetty wrote: Hello, In our infra we use spamassassin to scan our **outgoing** mails too. This is to prevent spammers using our infra to send mails and get our IP's blacklisted. We

Re: Whitelist IP for SBL check

On 02/23/2018 04:33 PM, David Jones wrote: On 02/23/2018 08:26 AM, shridhar shetty wrote: Hello, In our infra we use spamassassin to scan our **outgoing** mails too. This is to prevent spammers using our infra to send mails and get our IP's blacklisted. We perform various DNSBL tests on the m

Re: Whitelist IP for SBL check

On 02/23/2018 08:26 AM, shridhar shetty wrote: Hello, In our infra we use spamassassin to scan our **outgoing** mails too. This is to prevent spammers using our infra to send mails and get our IP's blacklisted. We perform various DNSBL tests on the mail body. We also scan outbound aggressi

Re: whitelist issues with sprintpcs.com

One possibility I don't see mentioned is to simply accept this at the MTA level. I've often had to do this when a sending domain is misconfigured but is part of our legitimate senders. It obviously opens up doors you'll have to monitor other ways. but in Sendmail it is as simple as adding the d

Re: whitelist issues with sprintpcs.com

On 4 Jul 2016, at 21:57, Alex wrote: Hi, On Mon, Jul 4, 2016 at 9:00 PM, Bill Cole wrote: On 3 Jul 2016, at 14:48, Alex wrote: On 2016-07-03 20:18, Alex wrote: whitelist_from *@pm.sprintpcs.com [...] From: Sprint User <5556142...@pm.sprint.com> One of these things is not like the o

Re: whitelist issues with sprintpcs.com

Hi, On Mon, Jul 4, 2016 at 9:00 PM, Bill Cole wrote: > On 3 Jul 2016, at 14:48, Alex wrote: > >>> On 2016-07-03 20:18, Alex wrote: >>> whitelist_from *@pm.sprintpcs.com > > [...] >> >> From: Sprint User <5556142...@pm.sprint.com> > > > One of these things is not like the other... Not that i

Re: whitelist issues with sprintpcs.com

On 3 Jul 2016, at 14:48, Alex wrote: On 2016-07-03 20:18, Alex wrote: whitelist_from *@pm.sprintpcs.com [...] From: Sprint User <5556142...@pm.sprint.com> One of these things is not like the other... Not that it actually matters. This is also substantially confused by the fact that you

Re: whitelist issues with sprintpcs.com

Benny Pedersen wrote on 4/07/16 9:47 AM: > On 2016-07-03 23:34, Groach wrote: >> On 03/07/2016 23:29, Reindl Harald wrote: It turns out that this mailing list software gives me only a bigger hammer than I wanted to use. I cannot place individuals under moderation so I can review their posts before

Re: whitelist issues with sprintpcs.com

Am 03.07.2016 um 23:47 schrieb Benny Pedersen: On 2016-07-03 23:34, Groach wrote: On 03/07/2016 23:29, Reindl Harald wrote: sorry, but when i see Benny after 5 years experience on several lists i just have enough, mouth wide often but technical still a noob http://geekologie.com/2011/08/08

Re: whitelist issues with sprintpcs.com

On 2016-07-03 23:34, Groach wrote: On 03/07/2016 23:29, Reindl Harald wrote: sorry, but when i see Benny after 5 years experience on several lists i just have enough, mouth wide often but technical still a noob http://geekologie.com/2011/08/08/mad-on-the-internet-cut.jpg http://ipv6bingo.co

Re: whitelist issues with sprintpcs.com

On 03/07/2016 23:29, Reindl Harald wrote: sorry, but when i see Benny after 5 years experience on several lists i just have enough, mouth wide often but technical still a noob http://geekologie.com/2011/08/08/mad-on-the-internet-cut.jpg

Re: whitelist issues with sprintpcs.com

Am 03.07.2016 um 23:24 schrieb Alex: whitelist_from *@pm.sprintpcs.com does not work.. Why? It's because the mail has a Resent-From which overrides any other from type header. From the documentation Mail::SpamAssassin::Conf "The headers checked for whitelist addresses are as follows: if Re

Re: whitelist issues with sprintpcs.com

Hi, whitelist_from *@pm.sprintpcs.com does not work.. Why? > > It's because the mail has a Resent-From which overrides any other from type > header. > > From the documentation Mail::SpamAssassin::Conf > > "The headers checked for whitelist addresses are as follows: if Resent-From is

Re: whitelist issues with sprintpcs.com

On Sun, 3 Jul 2016 14:18:38 -0400 Alex wrote: > Hi, > > >>> since they are fucking too stupid for SPF on their subdomains > >>> whitelist_from_rcvd *@pm.sprint.com sprintpcs.com > >> > >> all headers begin with x- is pr defination forged header > >> > > > when there is no SPF/DKIM you need t

Re: whitelist issues with sprintpcs.com

On 03/07/2016 22:43, Sidney Markowitz wrote: whitelist_from *@pm.sprintpcs.com does not work.. Why? It's because the mail has a Resent-From which overrides any other from type header. From the documentation Mail::SpamAssassin::Conf "The headers checked for whitelist addresses are as follow

Re: whitelist issues with sprintpcs.com

Alex wrote on 4/07/16 6:48 AM: > Hi, > > On Sun, Jul 3, 2016 at 2:29 PM, Benny Pedersen wrote: >> On 2016-07-03 20:18, Alex wrote: >> >>> whitelist_from *@pm.sprintpcs.com >>> >>> does not work.. Why? It's because the mail has a Resent-From which overrides any other from type header. >From the

Re: whitelist issues with sprintpcs.com

Am 03.07.2016 um 20:36 schrieb Benny Pedersen: On 2016-07-03 20:26, Reindl Harald wrote: Envelope-Sender Resent-Sender X-Envelope-From From please tell me what mta add this headers as envelope_sender header ? obviously enough otherwise it would no exist ma

Re: whitelist issues with sprintpcs.com

Hi, On Sun, Jul 3, 2016 at 2:29 PM, Benny Pedersen wrote: > On 2016-07-03 20:18, Alex wrote: > >> whitelist_from *@pm.sprintpcs.com >> >> does not work.. Why? > > DSN is not possible to whitelist, its a rfc to accept always DSN Strictly speaking, it was a quarantined message, not a DSN. I also

Re: whitelist issues with sprintpcs.com

On 2016-07-03 20:26, Reindl Harald wrote: Envelope-Sender Resent-Sender X-Envelope-From From please tell me what mta add this headers as envelope_sender header ? maybe you after that could tell who is idiot ?

Re: whitelist issues with sprintpcs.com

On 2016-07-03 20:18, Alex wrote: whitelist_from *@pm.sprintpcs.com does not work.. Why? DSN is not possible to whitelist, its a rfc to accept always DSN Return-Path: <> whats envelope_sender_header have you in local.cf ?

Re: whitelist issues with sprintpcs.com

Am 03.07.2016 um 20:23 schrieb Benny Pedersen: On 2016-07-03 20:16, Reindl Harald wrote: when there is no SPF/DKIM you need to rely on headers keep away from using x- headers for whitelist still its forged again you are an idiot and should RTFM before play smart-ass http://spamassassin.

Re: whitelist issues with sprintpcs.com

Am 03.07.2016 um 20:21 schrieb Benny Pedersen: On 2016-07-03 20:17, Reindl Harald wrote: what about shut up? ... the subdomain has no SPF and so there is not much than headers since the subdomain has no SPF there is no SPF test at all its irelevaant you are an idiot "pm.sprint.com" ha

Re: whitelist issues with sprintpcs.com

Am 03.07.2016 um 20:18 schrieb Alex: Hi, since they are fucking too stupid for SPF on their subdomains whitelist_from_rcvd *@pm.sprint.com sprintpcs.com all headers begin with x- is pr defination forged header when there is no SPF/DKIM you need to rely on headers omg, both of you guys

Re: whitelist issues with sprintpcs.com

On 2016-07-03 20:16, Reindl Harald wrote: when there is no SPF/DKIM you need to rely on headers keep away from using x- headers for whitelist still its forged

Re: whitelist issues with sprintpcs.com

On 2016-07-03 20:17, Reindl Harald wrote: what about shut up? ... the subdomain has no SPF and so there is not much than headers since the subdomain has no SPF there is no SPF test at all its irelevaant

Re: whitelist issues with sprintpcs.com

Hi, >>> since they are fucking too stupid for SPF on their subdomains >>> whitelist_from_rcvd *@pm.sprint.com sprintpcs.com >> >> all headers begin with x- is pr defination forged header >> > when there is no SPF/DKIM you need to rely on headers omg, both of you guys. I didn't say anything about

Re: whitelist issues with sprintpcs.com

Am 03.07.2016 um 20:15 schrieb Benny Pedersen: On 2016-07-03 19:54, Alex wrote: As I mentioned, all attempts to whitelist are ignored. I just don't know why. do not use x- headers for spf testing in spamassassin since its pr defination forged what about shut up? the subdomain has no SPF

Re: whitelist issues with sprintpcs.com

On 2016-07-03 19:54, Alex wrote: As I mentioned, all attempts to whitelist are ignored. I just don't know why. do not use x- headers for spf testing in spamassassin since its pr defination forged

Re: whitelist issues with sprintpcs.com

Am 03.07.2016 um 20:14 schrieb Benny Pedersen: On 2016-07-03 19:46, Reindl Harald wrote: X-Envelope-From: <15556142...@pm.sprint.com> From: 5556142...@pm.sprint.com since they are fucking too stupid for SPF on their subdomains whitelist_from_rcvd *@pm.sprint.com sprintpcs.com all headers

Re: whitelist issues with sprintpcs.com

On 2016-07-03 19:46, Reindl Harald wrote: X-Envelope-From: <15556142...@pm.sprint.com> From: 5556142...@pm.sprint.com since they are fucking too stupid for SPF on their subdomains whitelist_from_rcvd *@pm.sprint.com sprintpcs.com all headers begin with x- is pr defination forged header pay

Re: whitelist issues with sprintpcs.com

Hi, >>> whitelist_from_rcvd *@pm.sprint.com sprintpcs.com >> >> >> As I mentioned, all attempts to whitelist are ignored. I just don't know >> why > > you did not properly mention your attempts > the above works, i have a long list of "whitelist_from_rcvd" for idiots too > stupid for SPF or DKIM w

Re: whitelist issues with sprintpcs.com

Am 03.07.2016 um 19:54 schrieb Alex: Received: from lxnsmsomta04.localdomain (smtp4a.mo.sprintpcs.com [66.1.208.13]) by mail01.example.com (Postfix) with ESMTP id 7FF846800CC30 for ; Sat, 25 Jun 2016 21:21:21 -0400 (EDT) Received: from musreb31.nmcc.sprintspectrum.com (unknown [10.25.15

Re: whitelist issues with sprintpcs.com

Hi, >> Received: from lxnsmsomta04.localdomain (smtp4a.mo.sprintpcs.com >> [66.1.208.13]) >> by mail01.example.com (Postfix) with ESMTP id 7FF846800CC30 >> for ; Sat, 25 Jun 2016 21:21:21 -0400 (EDT) >> Received: from musreb31.nmcc.sprintspectrum.com (unknown [10.25.157.71]) >> by lxns

Re: whitelist issues with sprintpcs.com

Am 03.07.2016 um 19:43 schrieb Alex: I'm trying to whitelist mail from sprintpcs.com in the best way possible, but it's ignoring attempts at even using whitelist_from and I don't know why. Perhaps it's something with the way the mail is formatted? No SPF or DKIM available to be used. These mess

Re: whitelist filter not matching

David B Funk skrev den 2015-03-14 01:23: As usps.com publishes SPF records you can use "whitelist_from_auth" and be safer from abuse. thay miss to add dkim, and dmarc says fo=1 oh crap :=)

Re: whitelist filter not matching

Rick Hantz (TirNanOg) skrev den 2015-03-14 00:14: For some reason, whitelist_from *@*.usps.gov whitelist_from *@*.usps.com doesn't work on the header below. Anyone spot something that I missed? id D8.68.23218.0CC53055; Fri, 13 Mar 2015 16:55:12 -0500 (CDT) Return-Path: From: whitelist_from

Re: whitelist filter not matching

On Fri, 13 Mar 2015, Rick Hantz (TirNanOg) wrote: For some reason, whitelist_from *@*.usps.gov whitelist_from *@*.usps.com doesn't work on the header below. Anyone spot something that I missed? Received: from mailcentral12.srvs.usps.gov ([56.0.143.18]:47963 helo=gk-c18-email.usps.gov) b

Re: whitelist filter not matching

On Fri, 13 Mar 2015, Rick Hantz (TirNanOg) wrote: For some reason, whitelist_from *@*.usps.gov whitelist_from *@*.usps.com doesn't work on the header below. Anyone spot something that I missed? From: There's no subdomain there. You may need two entries: whitelist_from *@usps.com whitelist_f

Re: whitelist filter not matching

On 03/14/2015 12:14 AM, Rick Hantz (TirNanOg) wrote: From: whitelist_from *@usps.com or safer (prevent forged senders) whitelist_from_rcvd *@usps.com usps.gov watch your syntax...

Re: whitelist limitations

On 13.11.2014 22:08, Justin Edmands wrote: > We have a few thousand vendors in our websites database that I would > like to add to a whitelist. I am thinking of creating a > /etc/mail/spamassassin/corewhitelist.cf from > this database. > > What are the limitations/ repercu

Re: whitelist limitations

On November 14, 2014 12:54:15 AM John Hardin wrote: It might be more efficient to whitelist them in your MTA at the glue level - i.e., if an email comes from their MTA, don't even pass it to SA at all. One draw back is that ham learning is not using content from auth senders so in bayes

Re: whitelist limitations

On Thu, 13 Nov 2014, Justin Edmands wrote: We have a few thousand vendors in our websites database that I would like to add to a whitelist. I am thinking of creating a /etc/mail/spamassassin/ corewhitelist.cf from this database. What are the limitations/ repercussions of using a sitewide whitel

Re: whitelist limitations

On Thu, 13 Nov 2014 15:08:40 -0500 Justin Edmands wrote: > What if this list grows to 2 entries? How are you calling SpamAssassin? Maybe you should build (for example) a Berkeley DB of whitelisted addresses and simply skip SpamAssassin for those ones, assuming the method you use to integrat

Re: whitelist limitations

On 11/13/2014 09:08 PM, Justin Edmands wrote: We have a few thousand vendors in our websites database that I would like to add to a whitelist. I am thinking of creating a /etc/mail/spamassassin/ corewhitelist.cf from this database. What are the limitations/ repercussions of using a sitewide whit

Re: whitelist limitations

On Thu, 13 Nov 2014, Justin Edmands wrote: We have a few thousand vendors in our websites database that I would like to add to a whitelist. I am thinking of creating a /etc/mail/spamassassin/corewhitelist.cf from this database. What are the limitations/ repercussions of using a sitewide whitel

Re: whitelist limitations

Am 13.11.2014 um 21:08 schrieb Justin Edmands: We have a few thousand vendors in our websites database that I would like to add to a whitelist. I am thinking of creating a /etc/mail/spamassassin/corewhitelist.cf from this database. What are the limitations/ repercussi

Re: Whitelist one mail with multiple destinations

On Wed, 10 Sep 2014 10:59:16 -0300 "M. Rodrigo Monteiro" wrote: > > Option 2 is to accept the message unfiltered, split it into > > multiple copies, and remail each copy so it can be scanned > > per-recipient. > How can I do it? It depends on the MTA you're using. If you use one that supports

Re: Whitelist one mail with multiple destinations

2014-09-10 10:17 GMT-03:00 Antony Stone : > On Wednesday 10 September 2014 at 14:56:06 (EU time), M. Rodrigo Monteiro > wrote: > >> Hi. Here is my scenario: >> >> Internet -> MX (Postfix) -> Relay (Postfix + Amavis with SpamAssassin) -> >> Zimbra > >> My problem is that when an e-mail comes to mult

Re: Whitelist one mail with multiple destinations

2014-09-10 10:23 GMT-03:00 David F. Skoll : > Option 2 is to accept the message unfiltered, split it into multiple copies, > and remail each copy so it can be scanned per-recipient. This avoids > the delay, but it also means you cannot reject spam with a 5xx SMTP failure > code or you'll be blackl

Re: Whitelist one mail with multiple destinations

On Wed, 10 Sep 2014 09:56:06 -0300 "M. Rodrigo Monteiro" wrote: > My problem is that when an e-mail comes to multiple destinations and > one of them is whitelisted, all these destinations becomes whitelisted > too. There are really only two ways to get around this, and neither one is particularl

  1   2   3   4   5   >