Re: Request for Whitelisting or Spam Score Adjustment for our TDL Domain

On 17/02/2025 03:23, Bill Cole wrote: On 2025-02-16 at 04:41:25 UTC-0500 (Sun, 16 Feb 2025 19:41:25 +1000) Noel Butler is rumored to have said: On 16/02/2025 01:07, Bill Cole wrote: On 2025-02-15 at 07:42:44 UTC-0500 (Sat, 15 Feb 2025 13:42:44 +0100) wissen.online | Stefan Mehlhorn is rumore

Re: Request for Whitelisting or Spam Score Adjustment for our TDL Domain

On 2025-02-16 at 04:41:25 UTC-0500 (Sun, 16 Feb 2025 19:41:25 +1000) Noel Butler is rumored to have said: On 16/02/2025 01:07, Bill Cole wrote: On 2025-02-15 at 07:42:44 UTC-0500 (Sat, 15 Feb 2025 13:42:44 +0100) wissen.online | Stefan Mehlhorn is rumored to have said: Hi Bill, so do you

Re: Request for Whitelisting or Spam Score Adjustment for our TDL Domain

On 16/02/2025 01:07, Bill Cole wrote: On 2025-02-15 at 07:42:44 UTC-0500 (Sat, 15 Feb 2025 13:42:44 +0100) wissen.online | Stefan Mehlhorn is rumored to have said: Hi Bill, so do you have another idea? Hi Stefan, No, I do not, aside from the implicit starting point: do not send spam. Mak

Re: AW: Request for Whitelisting or Spam Score Adjustment for our TDL Domain

Users Betreff: Re: Request for Whitelisting or Spam Score Adjustment for our TDL Domain On 2025-02-15 at 07:42:44 UTC-0500 (Sat, 15 Feb 2025 13:42:44 +0100) wissen.online | Stefan Mehlhorn is rumored to have said: Hi Bill, so do you have another idea? Hi Stefan, No, I do not, aside from the imp

AW: Request for Whitelisting or Spam Score Adjustment for our TDL Domain

Whitelisting or Spam Score Adjustment for our TDL Domain On 2025-02-15 at 07:42:44 UTC-0500 (Sat, 15 Feb 2025 13:42:44 +0100) wissen.online | Stefan Mehlhorn is rumored to have said: > Hi Bill, > > so do you have another idea? Hi Stefan, No, I do not, aside from the implicit starting poin

Re: Request for Whitelisting or Spam Score Adjustment for our TDL Domain

An: users@spamassassin.apache.org Betreff: Re: Request for Whitelisting or Spam Score Adjustment for our TDL Domain On 2025-02-13 at 13:25:44 UTC-0500 (Thu, 13 Feb 2025 19:25:44 +0100) Benny Pedersen is rumored to have said: https://matrix.spfbl.net/90.186.69.50 move avay from this ip What *ev

Re: off topic, Request for Whitelisting or Spam Score Adjustment for our TDL Domain

On Fri, 14 Feb 2025 10:59:11 +0100, Marc wrote: > > > > > Actually, if you look at ICANN's finances, they're retrenching because > > the new TLDs have mostly been a failure. There's a huge one-time pot > > of unexpected money from domain auctions, but they've promised to give > > it away. Other

Re: Request for Whitelisting or Spam Score Adjustment for our TDL Domain

On 2025-02-13 12:49:31 -0500, John Levine wrote: > It appears that wissen.online | Stefan Mehlhorn said: > >Are there any specific configurations or adjustments we can make to lower > >the high spam score of our emails? > > > >Or can you put us on one of your global whitelists for trusted .online

RE: off topic, Request for Whitelisting or Spam Score Adjustment for our TDL Domain

> > Actually, if you look at ICANN's finances, they're retrenching because > the new TLDs have mostly been a failure. There's a huge one-time pot > of unexpected money from domain auctions, but they've promised to give > it away. Other than that, it's been at best meh, and over 100 of the > vanity

Re: Request for Whitelisting or Spam Score Adjustment for our TDL Domain

wissen.online | Stefan Mehlhorn skrev den 2025-02-13 18:22: Dear SpamAssassin Support Team, https://matrix.spfbl.net/212.83.50.80 non-compliance domain. i never will pay $2 for resolving this, same reason i dont use it in spamassassin anymore sorry that i did miss that you had spf pass fr

Re: off topic, Request for Whitelisting or Spam Score Adjustment for our TDL Domain

It appears that John Hardin said: >> PS: If this leads to questions like "what exactly was the point of the >> thousand new TLDs?" >> you're not the only one asking. > >ICANN monetizing their product. Period. Actually, if you look at ICANN's finances, they're retrenching because the new TLDs hav

Re: Request for Whitelisting or Spam Score Adjustment for our TDL Domain

On 2025-02-13 at 12:49:31 UTC-0500 (13 Feb 2025 12:49:31 -0500) John Levine is rumored to have said: [...] I'm guessing that wissen.online is the same company as wissenonline.de. It's pretty clear from the 2 websites that they are entirely different. "Wissen" is German for "knowledge" so I

Re: Request for Whitelisting or Spam Score Adjustment for our TDL Domain

On 2025-02-13 at 13:25:44 UTC-0500 (Thu, 13 Feb 2025 19:25:44 +0100) Benny Pedersen is rumored to have said: https://matrix.spfbl.net/90.186.69.50 move avay from this ip What *evidence* do you have for the OP using that IP to connect to hosts other than his own mailserver? As far as I can

Re: Request for Whitelisting or Spam Score Adjustment for our TDL Domain

On Thu, 13 Feb 2025 18:22:44 +0100, "wissen.online | Stefan Mehlhorn" wrote: > > How can we lower our spam score due to your negative rating of our top-level > domain? > You may add your MX to https://www.dnswl.org/ and also add DMARC record like "v=DMARC1; p=none; sp=none" It should have some

Re: AW: Request for Whitelisting or Spam Score Adjustment for our TDL Domain

On 13/02/2025 20:16, Richard Doyle wrote: On 2/13/25 10:25 AM, Benny Pedersen wrote: wissen.online | Stefan Mehlhorn skrev den 2025-02-13 19:02: Hi Benny, Hi Levine, tnx! Wissen.online it also the name of our company ... so we need .online and not wissenonline.de (ist another company) stop

Re: AW: Request for Whitelisting or Spam Score Adjustment for our TDL Domain

On 2/13/25 10:25 AM, Benny Pedersen wrote: > wissen.online | Stefan Mehlhorn skrev den 2025-02-13 19:02: >> Hi Benny, Hi Levine, >> >> tnx! Wissen.online it also the name of our company ... so we need .online >> and not wissenonline.de (ist another company) >> >>> stop using send emails from pbl li

Re: Request for Whitelisting or Spam Score Adjustment for our TDL Domain

On 2025-02-13 at 12:22:44 UTC-0500 (Thu, 13 Feb 2025 18:22:44 +0100) wissen.online | Stefan Mehlhorn is rumored to have said: Dear SpamAssassin Support Team, We are a software company that provides an HR tool and we are experiencing significant problems because our emails are constantly being

Re: AW: Request for Whitelisting or Spam Score Adjustment for our TDL Domain

On Thu, 13 Feb 2025, wissen.online | Stefan Mehlhorn wrote: But, the fact and problem is this : PDS_OTHER_BAD_TLD=1.999 and with website in our signatur on top: FROM_SUSPICIOUS_NTLD_FP=1.999 We probably need to resolve the overlap, but you're not going to avoid getting *some* reputational d

Re: AW: Request for Whitelisting or Spam Score Adjustment for our TDL Domain

wissen.online | Stefan Mehlhorn skrev den 2025-02-13 19:02: Hi Benny, Hi Levine, tnx! Wissen.online it also the name of our company ... so we need .online and not wissenonline.de (ist another company) stop using send emails from pbl listed ips eq dynamic ips Yes we change it next days doing

Re: Request for Whitelisting or Spam Score Adjustment for our TDL Domain

On Thu, 13 Feb 2025, John Levine wrote: It appears that wissen.online | Stefan Mehlhorn said: Are there any specific configurations or adjustments we can make to lower the high spam score of our emails? Or can you put us on one of your global whitelists for trusted .online domains? I doubt

Re: Request for Whitelisting or Spam Score Adjustment for our TDL Domain

John Levine skrev den 2025-02-13 18:49: I'm guessing that wissen.online is the same company as wissenonline.de. That domain should work fine. de tld will fail on pbl listed ip aswell imho :=) oh never mind

AW: Request for Whitelisting or Spam Score Adjustment for our TDL Domain

eff: Re: Request for Whitelisting or Spam Score Adjustment for our TDL Domain wissen.online | Stefan Mehlhorn skrev den 2025-02-13 18:22: > Are there any specific configurations or adjustments we can make to > lower the high spam score of our emails? https://multirbl.valli.org/lookup/90.186.6

Re: Request for Whitelisting or Spam Score Adjustment for our TDL Domain

wissen.online | Stefan Mehlhorn skrev den 2025-02-13 18:22: Are there any specific configurations or adjustments we can make to lower the high spam score of our emails? https://multirbl.valli.org/lookup/90.186.69.50.html avoid using online tld X-Spam-Status No, score=1.375 tagged_above=-999

Re: Request for Whitelisting or Spam Score Adjustment for our TDL Domain

It appears that wissen.online | Stefan Mehlhorn said: >Are there any specific configurations or adjustments we can make to lower >the high spam score of our emails? > >Or can you put us on one of your global whitelists for trusted .online >domains? I doubt there is such a thing. The .online TLD

Request for Whitelisting or Spam Score Adjustment for our TDL Domain

Dear SpamAssassin Support Team, We are a software company that provides an HR tool and we are experiencing significant problems because our emails are constantly being flagged as spam by SpamAssassin. This is a critical issue for our company as it affects our communication with customers. We us

Re: when whitelisting, do what with marked SPAM?

On Tue, 14 Nov 2023, joe a wrote: On 11/14/2023 13:46:11, Matus UHLAR - fantomas wrote: On 14.11.23 13:05, joe a wrote: Low volume home office user and system. Occasionally when first dealing with a new entity, their correspondence gets flagged as SPAM. When I whitelist these, what shou

Re: when whitelisting, do what with marked SPAM?

On 14.11.23 13:05, joe a wrote: Low volume home office user and system. Occasionally when first dealing with a new entity, their correspondence gets flagged as SPAM. When I whitelist these, what should be done with those messages that might remain in "flagged SPAM" or "Missed SPAM"?, thinkin

Re: when whitelisting, do what with marked SPAM?

On 11/14/2023 13:46:11, Matus UHLAR - fantomas wrote: On 14.11.23 13:05, joe a wrote: Low volume home office user and system. Occasionally when first dealing with a new entity, their correspondence gets flagged as SPAM. When I whitelist these, what should be done with those messages that mi

Re: when whitelisting, do what with marked SPAM?

On 11/14/2023 20:48:27, John Hardin wrote: On Tue, 14 Nov 2023, joe a wrote: Low volume home office user and system. Occasionally when first dealing with a new entity, their correspondence gets flagged as SPAM. When I whitelist these, what should be done with those messages that might rema

Re: when whitelisting, do what with marked SPAM?

On Tue, 14 Nov 2023, joe a wrote: Low volume home office user and system. Occasionally when first dealing with a new entity, their correspondence gets flagged as SPAM. When I whitelist these, what should be done with those messages that might remain in "flagged SPAM" or "Missed SPAM"?, thin

Re: when whitelisting, do what with marked SPAM?

On 14.11.23 13:05, joe a wrote: Low volume home office user and system. Occasionally when first dealing with a new entity, their correspondence gets flagged as SPAM. When I whitelist these, what should be done with those messages that might remain in "flagged SPAM" or "Missed SPAM"?, thinkin

when whitelisting, do what with marked SPAM?

Low volume home office user and system. Occasionally when first dealing with a new entity, their correspondence gets flagged as SPAM. When I whitelist these, what should be done with those messages that might remain in "flagged SPAM" or "Missed SPAM"?, thinking along lines of keeping BAYES "

RE: Question about whitelisting of naadac.org

Thursday, August 12, 2021 5:43 AM To: users@spamassassin.apache.org Subject: Re: Question about whitelisting of naadac.org On Wed, 11 Aug 2021, Lukasz Maik wrote: Hi All, The company naadac.org is experiencing problems with their e-mails being marked as SPAM, when they are putting link to their domain https://

Re: Question about whitelisting of naadac.org

On 2021-08-12 at 16:16:21 UTC-0400 (Thu, 12 Aug 2021 20:16:21 +) Lukasz Maik is rumored to have said: Dear John, Sure, please find full tests results here: https://www.mail-tester.com/test-bw02eaxrt That website is not in any way authoritative, misrerpresents SpamAssassin scores, is ru

Re: Question about whitelisting of naadac.org

Hi Lukasz, The Spamassassin score looks reasonable. If mail-tester uses anything similar to a stock Spamassassin setup, then you should be safe and spamassassin will not be the cause of your delivery problems. Whitelisting a somewhat arbitrary URL will not solve your problem. Of course, it

Re: Question about whitelisting of naadac.org

Lukasz Maik writes: [not sure what the relationship of ricoh-europe is to a US .org is] > Sure, please find full tests results here: > https://www.mail-tester.com/test-bw02eaxrt > > We've lost a point for not having DKIM/DMARC authentication, which is > unfortunately not supported by our host

RE: Question about whitelisting of naadac.org

st 12, 2021 5:43 AM To: users@spamassassin.apache.org Subject: Re: Question about whitelisting of naadac.org This message was sent from an external source. Please be careful opening attachments/links or replying to sources you don't know. On Wed, 11 Aug 2021, Lukasz Maik wrote: > Hi

Re: Question about whitelisting of naadac.org

On Wed, 2021-08-11 at 20:43 -0700, John Hardin wrote: > As Kenneth said, contact Spamhaus regarding why that domain is listed. > > I took a look at it with a text-mode web browser, Lynx, thats too simple to try to process nastys and with all cookies disabled. It looked more than slightly suspect

Re: Question about whitelisting of naadac.org

On Wed, 11 Aug 2021, Lukasz Maik wrote: Hi All, The company naadac.org is experiencing problems with their e-mails being marked as SPAM, when they are putting link to their domain www.naadac.org in the signature of their mails. Is it possible to whitelist this domain/link in your SPAM filte

Re: Question about whitelisting of naadac.org

--On Wednesday, August 11, 2021 8:57 PM + Lukasz Maik wrote: The company naadac.org is experiencing problems with their e-mails being marked as SPAM, when they are putting link to their domain www.naadac.org in the signature of their mails. Is it possible to whitelis

Re: whitelisting DCC messages

Hi, > $ /var/lib/dcc/bin/dccproc -QCw whiteclnt < dcc-empty > X-DCC--Metrics: mail01.example.com 1102; Body=0 Fuz1=0 Fuz2=many > reported: 0 checksum server > env_From: d41d8cd9 8f00b204 e9800998 ecf8427e > From: 7c09

whitelisting DCC messages

Hi, This is perhaps off-topic, but does anyone have any tips on how to whitelist a message that hits DCC? I believe it's hitting DCC because it has an empty body. I've created digests for pyzor and razor, but DCC is much more involved. I've tried generate a checksum, but I don't know if this is r

Re: Whitelisting envelope-from

On Fri, 1 Jun 2018, Martin Gregorie wrote: On Fri, 2018-06-01 at 15:37 -0400, Alex wrote: Hi, I have an email with an address as follows that I'd like to whitelist: X-Envelope-From: Using whitelist_auth doesn't appear to work: whitelist_auth FredSavage*@cmail19.com Try whitelist_auth Fr

Re: Whitelisting envelope-from

On Fri, 2018-06-01 at 15:37 -0400, Alex wrote: > Hi, > I have an email with an address as follows that I'd like to > whitelist: > > X-Envelope-From: > > Using whitelist_auth doesn't appear to work: > > whitelist_auth FredSavage*@cmail19.com > Try whitelist_auth FredSavage.*@cmail19.com

Re: Whitelisting envelope-from

On 06/01/2018 02:37 PM, Alex wrote: Hi, I have an email with an address as follows that I'd like to whitelist: X-Envelope-From: Using whitelist_auth doesn't appear to work: whitelist_auth FredSavage*@cmail19.com This was really more of an experiment. I'd probably have to generalize the right

Whitelisting envelope-from

Hi, I have an email with an address as follows that I'd like to whitelist: X-Envelope-From: Using whitelist_auth doesn't appear to work: whitelist_auth FredSavage*@cmail19.com This was really more of an experiment. I'd probably have to generalize the right side because the mail could come from

Re: Whitelisting Sprint with no domain security

On Wed, 6 Dec 2017 18:03:00 -0800 (PST) John Hardin wrote: > On Wed, 6 Dec 2017, Alex wrote: > > > John wrote: > >> It's TVD_SPACE_RATIO plus some exclusions of hits on hammy rules. > > > > My point was, does it make sense for this rule to apply to an email > > with just an image attachment?

Re: Whitelisting Sprint with no domain security

gt; http://www.catb.org/esr/faqs/smart-questions.html#beprecise > > you are not the first just don't see the relevant piece and others can't > because you hold back informations > > Received-SPF: None (mailfrom) identity=mailfrom; client-ip=66.1.208.12; > helo=smtp3a.mo.

Re: Whitelisting Sprint with no domain security

; Try to capture an example message as close to the version that gets >> > fed to your SA as you can. (Your pastebin example has "Resent" >> > stuff in it that I'm betting the original did not). >> >> That's it, thanks. Removing the Resent line

Re: Whitelisting Sprint with no domain security

you can. (Your pastebin example has "Resent" > > stuff in it that I'm betting the original did not). > > That's it, thanks. Removing the Resent lines allows the whitelisting > to work. I shouldn't as your entry was: whitelist_from_rcvd *@pm.sprintpcs.com sprintpcs.com when the sprint addresses are on pm.sprint.com - i.e. without the 'pcs'.

Re: Whitelisting Sprint with no domain security

On Wed, 6 Dec 2017, Alex wrote: John wrote: What is TVD_SPACE_RATIO_MINFP? That appears to be a complex rule, but adds 2.5 points to a basic email with just an image attachment. It's TVD_SPACE_RATIO plus some exclusions of hits on hammy rules. My point was, does it make sense for this rul

Re: Whitelisting Sprint with no domain security

pcs.com sprintpcs.com >> >> Ideas greatly appreciated. > > > Try to capture an example message as close to the version that gets fed to > your SA as you can. (Your pastebin example has "Resent" stuff in it that I'm > betting the original did not). That's

Re: Whitelisting Sprint with no domain security

On Wed, 6 Dec 2017, Alex wrote: What is TVD_SPACE_RATIO_MINFP? That appears to be a complex rule, but adds 2.5 points to a basic email with just an image attachment. It's TVD_SPACE_RATIO plus some exclusions of hits on hammy rules. -- John Hardin KA7OHZhttp://www.impsec.o

Re: Whitelisting Sprint with no domain security

On Wed, 6 Dec 2017, Alex wrote: Hi, sprintpcs.com has no domain security and for some reason I can't whitelist them using whitelist_from_rcvd, or even whitelist_from just to make it even more simple. Can someone help me figure out what I'm doing wrong? Ideally I'd like to avo

Whitelisting Sprint with no domain security

Hi, sprintpcs.com has no domain security and for some reason I can't whitelist them using whitelist_from_rcvd, or even whitelist_from just to make it even more simple. Can someone help me figure out what I'm doing wrong? Ideally I'd like to avoid whitelisting them, but many peo

Re: Whitelisting DKIM-signed domains

<https://www.dnswl.org/?page_id=23> („How is this different from other whitelisting services?“) Like many other lists, the cost of running dnswl.org <http://dnswl.org/> is paid by receivers - those doing more than 100’000 queries per day on the IP-based list in our case are asked to

Re: Whitelisting DKIM-signed domains

On Wed, 11 Oct 2017 07:13:29 -0400 Rupert Gallagher wrote: > The problem I see here is the number of people who really want to > push blacklists and whitelists, as if they were a magic thing to add > to their served to catch spam and blame for the failures. Why would > you trust list B and W knowi

Re: Whitelisting DKIM-signed domains

On 10/11/2017 06:13 AM, Rupert Gallagher wrote: The problem I see here is the number of people who really want to push blacklists and whitelists, as if they were a magic thing to add to their served to catch spam and blame for the failures. Why would you trust list B and W knowing that they can

Re: Whitelisting DKIM-signed domains

, Oct 8, 2017 at 4:18 PM, David Jones wrote: > On 10/08/2017 08:42 AM, Rupert Gallagher wrote: > You are blinded by your > purpose. > > > > On Sun, Oct 8, 2017 at 9:45 AM, Matthias Leisi > wrote: >> > > Am 08.10.2017 um 00:55 schrieb Rupert Gallagher : > &

Re: Whitelisting DKIM-signed domains

> I assume that eventually this DNS query would respond with high trust: > > # dig alertsp.chase.com.dwl.dnswl.org I wondered why this query suddenly appeared from dozens and dozens of sources in the log :) That is a good example, in that it shows one point to discuss: subdomains. At least i

Re: Whitelisting DKIM-signed domains

On 10/08/2017 08:42 AM, Rupert Gallagher wrote: You are blinded by your purpose. On Sun, Oct 8, 2017 at 9:45 AM, Matthias Leisi <mailto:matth...@leisi.net>> wrote: > Am 08.10.2017 um 00:55 schrieb Rupert Gallagher : > > Whitelisting DKIM-signed domains is a bad idea for at

Re: Whitelisting DKIM-signed domains

You are blinded by your purpose. On Sun, Oct 8, 2017 at 9:45 AM, Matthias Leisi wrote: >> Am 08.10.2017 um 00:55 schrieb Rupert Gallagher : > > Whitelisting >> DKIM-signed domains is a bad idea for at least two reasons: mass-mailing >> services, and spammers who sen

Re: Whitelisting DKIM-signed domains

On 08.10.17 11:55, Matthias Leisi wrote: > If the DKIM signature does not validate, the rules do not fire. My bad, I had missed the sentence "Askdns rules awaiting for a tag which never receives its value never result in a DNS query" in http://search.cpan.org/dist/Mail-SpamAssassin/lib/Mail/SpamA

Re: Whitelisting DKIM-signed domains

alid signatures. Mailing lists breaking DKIM signature are an issue, but one that is outside of the scope of the whitelisting rules. There are ESPs who add a second DKIM signature to outgoing messages - maybe that would be the way to go for mailing lists as well, but I guess this is not an easy

Re: Whitelisting DKIM-signed domains

On 07.10.17 23:41, Matthias Leisi wrote: > More details are here https://www.dnswl.org/?p=311 Since the blog did not explain it, I'm asking here: I have a primary and several secondary domains tied to a DNSWL ID. All of these domains can be used to send emails to public mailing lists. Some maili

Re: Whitelisting DKIM-signed domains

> Am 08.10.2017 um 01:01 schrieb Benny Pedersen : > > so report spam to dnswl ? That’s always very welcome :) This was recently updated and included in the self service. If logged in on https://www.dnswl.org/selfservice/ you’ll see a section labelled „Spam Reporting“. Simple emails to admins

Re: Whitelisting DKIM-signed domains

> Am 08.10.2017 um 00:55 schrieb Rupert Gallagher : > > Whitelisting DKIM-signed domains is a bad idea for at least two reasons: > mass-mailing services, and spammers who send from real addresses of people > whose passwords were easy to guess. This is not whitelisting any and

Re: Whitelisting DKIM-signed domains

Rupert Gallagher skrev den 2017-10-08 00:55: Whitelisting DKIM-signed domains is a bad idea for at least two reasons: mass-mailing services, and spammers who send from real addresses of people whose passwords were easy to guess. so report spam to dnswl ?

Re: Whitelisting DKIM-signed domains

On 17-10-07 18:55:35, Rupert Gallagher wrote: > Whitelisting DKIM-signed domains is a bad idea for at least two > reasons: mass-mailing services, and spammers who send from real > addresses of people whose passwords were easy to guess. I second this. Cheers, Georg signature.asc De

Re: Whitelisting DKIM-signed domains

Whitelisting DKIM-signed domains is a bad idea for at least two reasons: mass-mailing services, and spammers who send from real addresses of people whose passwords were easy to guess. Sent from ProtonMail Mobile On Sat, Oct 7, 2017 at 11:41 PM, Matthias Leisi wrote: > Last week at the 4

Re: Whitelisting DKIM-signed domains

On Sat, 7 Oct 2017 15:12:42 -0700 (PDT) John Hardin wrote: > On Sat, 7 Oct 2017, Matthias Leisi wrote: > > > Note that this only works on DKIM-signed domains (DKIM_VALID). > > ...then shouldn't those negatively-scored rules be meta'd with && > DKIM_VALID? It's doing lookups on domains extract

Re: Whitelisting DKIM-signed domains

On Sat, 7 Oct 2017, Matthias Leisi wrote: Note that this only works on DKIM-signed domains (DKIM_VALID). ...then shouldn't those negatively-scored rules be meta'd with && DKIM_VALID? -- John Hardin KA7OHZhttp://www.impsec.org/~jhardin/ jhar...@impsec.orgFALaholic #1

Whitelisting DKIM-signed domains

Last week at the 41st M3AAWG meeting in Toronto there was considerable interest in domain-based whitelisting information when I presented the dnswl.org project. Obviously, this needs to be authenticated, and that’s what we have DKIM for. We created an experimental list dwl.dnswl.org (subject

Re: whitelisting mails depend of receiving header lines

On Fri, 06 Oct 2017 10:28:46 +0200 sebast...@debianfan.de wrote: > Hi @all, > > i want to add +100 points for some mails, which have a special > "received header". You mean -100 as +100 is a blacklisting score. > How can i do this? > > For example - if any message contains: "from lists.uni-l

whitelisting mails depend of receiving header lines

Hi @all, i want to add +100 points for some mails, which have a special "received header". How can i do this? For example - if any message contains: "from lists.uni-leipzig.de", spamassassin should have a rule for adding +100 points. Received: from lists.uni-leipzig.de (lists.uni-leipzig.

Re: Whitelisting Mails depend of Receiving Headers

On 10/05/2017 09:45 AM, sebast...@debianfan.de wrote: Hi @all, i want to add +100 points for some mails, which have a special "received header". Based on the subject, I assume you meant you want to subtract 100 points. How can i do this? For example - if any message contains: "from lists

Whitelisting Mails depend of Receiving Headers

Hi @all, i want to add +100 points for some mails, which have a special "received header". How can i do this? For example - if any message contains: "from lists.uni-leipzig.de", spamassassin should have a rule for adding +100 points. Received: from lists.uni-leipzig.de (lists.uni-leipzig

Re: Whitelisting amazon where no DKIM_VALID_AU exists

On 08/30/2017 02:04 PM, John Hardin wrote: On Wed, 30 Aug 2017, Kevin Golding wrote: On Wed, 30 Aug 2017 19:54:19 +0100, David Jones wrote: That ab...@amazonaws.com address is on this page: https://aws.amazon.com/forms/report-abuse Surely you can forward as attachment or either paste in th

Re: Whitelisting amazon where no DKIM_VALID_AU exists

On Wed, 30 Aug 2017, Kevin Golding wrote: On Wed, 30 Aug 2017 19:54:19 +0100, David Jones wrote: That ab...@amazonaws.com address is on this page: https://aws.amazon.com/forms/report-abuse Surely you can forward as attachment or either paste in the original headers to provide them enough d

Re: Whitelisting amazon where no DKIM_VALID_AU exists

On Wed, 30 Aug 2017 19:54:19 +0100, David Jones wrote: That ab...@amazonaws.com address is on this page: https://aws.amazon.com/forms/report-abuse Surely you can forward as attachment or either paste in the original headers to provide them enough detail to track down their bad customer.

Re: Whitelisting amazon where no DKIM_VALID_AU exists

On 08/30/2017 01:27 PM, John Hardin wrote: On Wed, 30 Aug 2017, Kris Deugau wrote: David Jones wrote:  Report it to Amazon's abuse Have you found a sane way to do this? Last time I tried I couldn't just forward the offending message as an attachment like nearly every other abuse contact ac

Re: Whitelisting amazon where no DKIM_VALID_AU exists

On Wed, 30 Aug 2017, Kris Deugau wrote: David Jones wrote: Report it to Amazon's abuse Have you found a sane way to do this? Last time I tried I couldn't just forward the offending message as an attachment like nearly every other abuse contact accepts (and generally insists on!); I got p

Re: Whitelisting amazon where no DKIM_VALID_AU exists

David Jones wrote: Report it to Amazon's abuse Have you found a sane way to do this? Last time I tried I couldn't just forward the offending message as an attachment like nearly every other abuse contact accepts (and generally insists on!); I got pointed to a webform clearly designed for re

Re: Whitelisting amazon where no DKIM_VALID_AU exists

On 08/30/2017 08:19 AM, Joseph Brennan wrote: On Tue, Aug 29, 2017 at 2:24 PM, David Jones wrote: From my experience, Amazon's Simple Email Service already has a good reputation -- not on major RBLs. I have never had problems with spam from Amazon SES and they seem to do a very good job of h

Re: Whitelisting amazon where no DKIM_VALID_AU exists

On Tue, Aug 29, 2017 at 2:24 PM, David Jones wrote: > From my experience, Amazon's Simple Email Service already has a good > reputation -- not on major RBLs. I have never had problems with spam from > Amazon SES and they seem to do a very good job of handling abuse: Clearly your domain (not be

Re: Whitelisting amazon where no DKIM_VALID_AU exists

On Tue, 29 Aug 2017 13:24:03 -0500 David Jones wrote: //aws.amazon.com/blogs/ses/tag/abuse-complaint/ > > This is my definition of a trusted sender that could be safely > whitelisted with: > > whitelist_auth *@amazonses.com > whitelist_auth *@*.amazonses.com > > The SPF_PASS will be enough wit

Re: Whitelisting amazon where no DKIM_VALID_AU exists

Hi, On Tue, Aug 29, 2017 at 2:24 PM, David Jones wrote: > On 08/29/2017 11:27 AM, Alex wrote: >> >> Hi, it appears SANS is using amazon to relay some of their mail, but >> does not sign their messages with DKIM. The mail is sent as part of >> some corporate training program they're doing, using t

Re: Whitelisting amazon where no DKIM_VALID_AU exists

On 08/29/2017 11:27 AM, Alex wrote: Hi, it appears SANS is using amazon to relay some of their mail, but does not sign their messages with DKIM. The mail is sent as part of some corporate training program they're doing, using the domain of the company contracting with them for the training. So t

Re: Whitelisting amazon where no DKIM_VALID_AU exists

Alex skrev den 2017-08-29 18:27: More generally, how can I whitelist mail that originates from something like 0101015e15fd907e-7806-4437-936b-47b4bf2a606b-000...@us-west-2.amazonses.com and has no DKIM_VALID_AU, making it impossible to whitelist by From address? whitelist_from_dkim *@* <-d tag

Re: Whitelisting amazon where no DKIM_VALID_AU exists

st mail that originates from > something like > 0101015e15fd907e-7806-4437-936b-47b4bf2a606b-000...@us-west-2.amazonses.com > and has no DKIM_VALID_AU, making it impossible to whitelist by From > address? > The definition is: whitelist_from_dkim aut...@example.com [signing-dom

Whitelisting amazon where no DKIM_VALID_AU exists

Hi, it appears SANS is using amazon to relay some of their mail, but does not sign their messages with DKIM. The mail is sent as part of some corporate training program they're doing, using the domain of the company contracting with them for the training. So the mail is signed with DKIM_VALID and

Re: New whitelisting trick using from and spf

On Tue, 7 Mar 2017 09:12:00 -0500 Dianne Skoll wrote: > SPF chose to use envelope sender not because it's more reliable, but > (I suspect) so as not to break mailing lists. More likely because the original intent was to reject as early as possible.

Re: New whitelisting trick using from and spf

On Tue, 7 Mar 2017 00:04:59 + David Jones wrote: > >Er... well.  The envelope-from is not any more trustworthy than > >the header From:.  But it *is* the thing the SPF spec say to check, > >and *not* the header From:. > It should be way more trustworthy since it is where bounces go. You ass

Re: New whitelisting trick using from and spf

On 03/06/17 15:22, David Jones wrote: From: Marc Perkel Sent: Monday, March 6, 2017 11:05 AM To: users@spamassassin.apache.org Subject: Re: New whitelisting trick using from and spf do you mean the header From: address? because anyone doing SPF does spf checks does what you describe on the

Re: New whitelisting trick using from and spf

>From: Dianne Skoll >Sent: Monday, March 6, 2017 5:40 PM >To: users@spamassassin.apache.org >Subject: Re: New whitelisting trick using from and spf   >On Mon, 6 Mar 2017 23:22:00 + >David Jones wrote: >> Not good.  SPF should be checked against the envelope-from

Re: New whitelisting trick using from and spf

On Mon, 6 Mar 2017 23:22:00 + David Jones wrote: [...] > Not good. SPF should be checked against the envelope-from > address which is more trustworthy. Er... well. The envelope-from is not any more trustworthy than the header From:. But it *is* the thing the SPF spec say to check, and *n

Re: New whitelisting trick using from and spf

>From: Marc Perkel >Sent: Monday, March 6, 2017 11:05 AM >To: users@spamassassin.apache.org >Subject: Re: New whitelisting trick using from and spf >> do you mean the header From: address? >> >> because anyone doing SPF does spf checks does what you describe o

Re: New whitelisting trick using from and spf

but good email and they send through reputable email sender services which are mostly good by not perfect. So can't just whitelist that. What I'm doing now is whitelisting the domains that are good, but doing SPF checks on the from address. do you mean the header From: address? beca

Re: New whitelisting trick using from and spf

> On Mar 6, 2017, at 12:58 PM, David B Funk > wrote: > > On Mon, 6 Mar 2017, Alan Hodgson wrote: > >>> It seems it should be easy to setup “If mail claims to be From: PayPal.com >>> and is not from PayPal, score +100” but it is not. >> >> This is what DMARC is for. >> >> Run opendmarc as a m

Re: New whitelisting trick using from and spf

On Mon, 6 Mar 2017 11:58:25 -0600 (CST) David B Funk wrote: > But that won't help you when the scammers set the user visible from > as "acco...@paypai.com" or some other variant (with the actual > address part as or something else. I recall someone bringing this up on the DMARC discussion list.

  1   2   3   4   5   >