On Thu, 12 Nov 2020 13:56:10 -0600
Darrell Budic wrote:
> > On Nov 12, 2020, at 1:01 PM, RW wrote:
> >
> > On Thu, 12 Nov 2020 11:23:29 -0600
> > Darrell Budic wrote:
> >
> >> Got a few of these 411 google form spams recently and was wondering
> >> why they weren’t getting caught by SA. Looks
On Thu, 12 Nov 2020, Darrell Budic wrote:
On Nov 12, 2020, at 12:31 PM, John Hardin wrote:
I'd have to see a spample to tell whether that would hit your particular case,
though. Can you upload an example to pastebin for us?
Sure, it’s at https://paste.centos.org/view/045312a7
The line it’
> On Nov 12, 2020, at 1:01 PM, RW wrote:
>
> On Thu, 12 Nov 2020 11:23:29 -0600
> Darrell Budic wrote:
>
>> Got a few of these 411 google form spams recently and was wondering
>> why they weren’t getting caught by SA. Looks like the Return-Path: is
>> triggering a whitelist rule on google.com
list rule from
>>>> firing when the free mail rules have been tripped?
>>>
>>> You can't keep it from firing beyond removing google.com from the
>>> whitelist, which would impact non-gmail google mails. What you *can* do is
>>> define a meta to of
On Thu, 12 Nov 2020 11:23:29 -0600
Darrell Budic wrote:
> Got a few of these 411 google form spams recently and was wondering
> why they weren’t getting caught by SA. Looks like the Return-Path: is
> triggering a whitelist rule on google.com so the rest of the tests
> aren’t enough to get it tagge
oogle mails. What you *can* do is define a meta
to offset the whitelist score:
meta FREEM_WLIST_OFFSET USER_IN_SPF_WHITELIST && FREEMAIL_FROM
scoreFREEM_WLIST_OFFSET 100.000 # offset whitelist score
describe FREEM_WLIST_OFFSET Offset SPF whitelist on freemail From
Of cours
ch would impact non-gmail google mails. What you *can* do is define a meta
> to offset the whitelist score:
>
> meta FREEM_WLIST_OFFSET USER_IN_SPF_WHITELIST && FREEMAIL_FROM
> scoreFREEM_WLIST_OFFSET 100.000 # offset whitelist score
> describe FREEM_WL
meta FREEM_WLIST_OFFSET USER_IN_SPF_WHITELIST && FREEMAIL_FROM
scoreFREEM_WLIST_OFFSET 100.000 # offset whitelist score
describe FREEM_WLIST_OFFSET Offset SPF whitelist on freemail From
Of course, that would prevent you from auth-whitelisting any freemail
provider, if you wanted to do
EMAIL_REPLYTO,FREEMAIL_REPLYTO_END_DIGIT,HEADER_FROM_DIFFERENT_DOMAINS,HTML_MESSAGE,LOTS_OF_MONEY,MONEY_FRAUD_8,NOT_FROM_SENDER,NOT_SENDER_MSGID,SO_PUB_SNDR_DOMAIN_DKIM_50,SPF_HELO_NONE,SPF_PASS,TXREP,T_GB_FREEM_FROM_NOT_REPLY,USER_IN_SPF_WHITELIST
X-Scanned-By: MIMEDefang 2.84
On Thu, 19 Jul 2018 22:41:29 +0100
RW wrote:
> On Thu, 19 Jul 2018 15:02:34 -0500
> John Schmerold wrote:
>
> > We had a message come in from pmipub.com, it fired rule
> > USER_IN_SPF_WHITELIST, this is defined in 60_whitelist_spf.cf as
> > "From: addres
On Thu, 19 Jul 2018 15:02:34 -0500
John Schmerold wrote:
> We had a message come in from pmipub.com, it fired rule
> USER_IN_SPF_WHITELIST, this is defined in 60_whitelist_spf.cf as
> "From: address is in the user's SPF whitelist"
>
> Grep tells me pmipub is
We had a message come in from pmipub.com, it fired rule
USER_IN_SPF_WHITELIST, this is defined in 60_whitelist_spf.cf as "From:
address is in the user's SPF whitelist"
Grep tells me pmipub is found in a couple large files:
/var/spool/exim/.spamassassin/auto-whitelist &
ram wrote:
> I find the spamassassin's SPF checks extremely unreliable. A lot of
> times I get SPF Fail of SPF Neutral for the same sender domain and IP
> address. While it is supposed to pass
>
> The same mail shows SPF pass when I run SA on commandline
>
> Is there something wrong with my config
I find the spamassassin's SPF checks extremely unreliable. A lot of
times I get SPF Fail of SPF Neutral for the same sender domain and IP
address. While it is supposed to pass
The same mail shows SPF pass when I run SA on commandline
Is there something wrong with my configuration ? I use spamass
: users@spamassassin.apache.org
Subject: Re: USER_IN_SPF_WHITELIST not firing
Kristopher Austin wrote:
> After I added "always_trust_envelope_sender 1" and run spamassassin
> -Dspf on several test messages they all have this error:
>
> dbg: spf: cannot get Envelope-From, cannot
Kristopher Austin wrote:
> After I added "always_trust_envelope_sender 1" and run spamassassin
> -Dspf on several test messages they all have this error:
>
> dbg: spf: cannot get Envelope-From, cannot use SPF
>
> I guess I must be missing something else. I've been watching my logs
> since the ch
e have anything other than SPF_HELO_*.
SA is running on my gateway MX.
Anything else I should look at?
Kris
-Original Message-
From: Daryl C. W. O'Shea [mailto:[EMAIL PROTECTED]
Sent: Monday, January 23, 2006 5:30 PM
To: Kristopher Austin
Cc: users@spamassassin.apache.org
Subject: Re: U
On 1/23/2006 12:10 PM, Kristopher Austin wrote:
After seeing all the SPF discussion lately I decided to actually ask you
guys about this problem.
I have many whitelist_from_spf entries where I usually keep my whitelist
entries. For some reason, I have never seen a hit on
USER_IN_SPF_WHITELIST
After seeing all the SPF discussion lately I decided to actually ask you
guys about this problem.
I have many whitelist_from_spf entries where I usually keep my whitelist
entries. For some reason, I have never seen a hit on
USER_IN_SPF_WHITELIST. I have received plenty of emails that I believe
19 matches
Mail list logo
