Re: recent increase in spam getting through

2016-12-17 Thread frederik
Hi Martin, Thanks for the reply. > Please keep your messages on the SA Users list. Here's my Cc line on the message you replied to: Cc: RW , "users@spamassassin.apache.org" I don't know why it wouldn't go through to the list, perhaps I shouldn't include spammy terms in the message body (I n

Re: recent increase in spam getting through

2016-12-17 Thread Martin Gregorie
On Sat, 2016-12-17 at 15:37 -0800, frede...@ofb.net wrote: > Thank you John, that does help clarify things a bit. Also thanks to > Martin - I was typing this message when I received yours, but maybe > this will answer some of your questions. > Please keep your messages on the SA Users list. Apart

Re: recent increase in spam getting through

2016-12-17 Thread frederik
" (which my mail setup is configured to use) still give > it a 4.0. So it seems that something more mundane is going on, > although I'm not sure what. I hope it's not that I've just done > something stupid again. > > Also, it seems that I should have set up a &

Re: recent increase in spam getting through

2016-12-17 Thread Martin Gregorie
d the report from "spamassassin -t" (with a "URIBL_BLOCKED" > rule). > > Thank you, > > Frederick > > On Sat, Dec 17, 2016 at 07:16:43PM +, David Jones wrote: > > > > > > > > > > From: RW > > > Sent: Satu

Re: recent increase in spam getting through

2016-12-17 Thread John Hardin
On Sat, 17 Dec 2016, frede...@ofb.net wrote: Also, it seems that I should have set up a "caching nameserver". I've attached the report from "spamassassin -t" (with a "URIBL_BLOCKED" rule). The important part is that your MTA/SA not use your ISP or hosting provider's DNS server, and the local M

Re: recent increase in spam getting through

2016-12-17 Thread frederik
. Thank you, Frederick On Sat, Dec 17, 2016 at 07:16:43PM +, David Jones wrote: > > >From: RW > >Sent: Saturday, December 17, 2016 8:02 AM > >To: users@spamassassin.apache.org > >Subject: Re: recent increase in spam getting through >   > >On Sa

Re: recent increase in spam getting through

2016-12-17 Thread David Jones
>From: RW >Sent: Saturday, December 17, 2016 8:02 AM >To: users@spamassassin.apache.org >Subject: Re: recent increase in spam getting through   >On Sat, 17 Dec 2016 13:35:16 + >David Jones wrote: >> That mail server IP above is on a very high number of RBLs: >

Re: recent increase in spam getting through

2016-12-17 Thread RW
On Sat, 17 Dec 2016 13:35:16 + David Jones wrote: > That mail server IP above is on a very high number of RBLs: > http://multirbl.valli.org/lookup/173.230.94.183.html > > The edge MX server 104.197.242.163 must not be doing any > MTA checks of RBLs. As I already mentioned it's normal to g

Re: recent increase in spam getting through

2016-12-17 Thread David Jones
>From: frede...@ofb.net >Sent: Saturday, December 17, 2016 1:35 AM >To: users@spamassassin.apache.org >Cc: John Hardin >Subject: Re: recent increase in spam getting through   >Here's the sample spam: >    From tfioxmns...@mariupol.us  Fri Dec 16 20:30:08 2016 >

Re: recent increase in spam getting through

2016-12-16 Thread frederik
Dear all, Thanks for all the replies to my question, I think all of them were useful to read. Thank you all for your time. I wasn't sure whom to reply to, but I've been tinkering with my setup and I think that many spam messages are getting through which should be caught by the so-called "Bayesia

Re: recent increase in spam getting through

2016-12-16 Thread Kevin A. McGrail
Hi Marc, I would say off hand that amavis and mailscanner aren't the same thing as mimedefang. Sure they can strap in clamd and spamd but they are more products than frameworks. Mimedefang would likely frustrate non programmers because it doesn't strap things in by default and using it you nee

Re: recent increase in spam getting through

2016-12-16 Thread Marc Stürmer
On 2016-12-15 19:56, Ian Zimmerman wrote: By now I have heard of MIMEDefang many times, and each time I wanted to try it. But it seems to require the milter interface in the MTA (ie. sendmail or _maybe_ postfix), and I'm married to Exim. :-( Well, MIMEDefang is not the only kid on the block

Re: recent increase in spam getting through

2016-12-15 Thread RW
On Thu, 15 Dec 2016 20:20:02 + David Jones wrote: > >From: Martin Gregorie > >Sent: Thursday, December 15, 2016 1:39 PM > >To: users@spamassassin.apache.org > >Subject: Re: recent increase in spam getting through >   > >On Thu, 2016-12-15 at 18:23 +

Re: recent increase in spam getting through

2016-12-15 Thread David Jones
>From: Martin Gregorie >Sent: Thursday, December 15, 2016 1:39 PM >To: users@spamassassin.apache.org >Subject: Re: recent increase in spam getting through   >On Thu, 2016-12-15 at 18:23 +, David Jones wrote: >> There are many valuable SMTP realtime checks that must b

Re: recent increase in spam getting through

2016-12-15 Thread Martin Gregorie
On Thu, 2016-12-15 at 18:23 +, David Jones wrote: > There are many valuable SMTP realtime checks that must be done at > the edge MTA.  Since you don't have control of this, then you have to > resort to tuning SA constantly which is a never-ending game of > cat-n-mouse since spam changes charact

Re: recent increase in spam getting through

2016-12-15 Thread Benny Pedersen
Ian Zimmerman wrote on 2016-12-15 19:56: On 2016-12-15 11:32, Kevin A. McGrail wrote: I'm a fan of MIMEDefang but I am not very familiar with Arch Linux so I don't know what mta you are using nor its capabilities. By now I have heard of MIMEDefang many times, and each time I wanted to try i

Re: recent increase in spam getting through

2016-12-15 Thread Larry Rosenman
On 2016-12-15 12:56, Ian Zimmerman wrote: On 2016-12-15 11:32, Kevin A. McGrail wrote: I'm a fan of MIMEDefang but I am not very familiar with Arch Linux so I don't know what mta you are using nor its capabilities. By now I have heard of MIMEDefang many times, and each time I wanted to try i

Re: recent increase in spam getting through

2016-12-15 Thread Ian Zimmerman
On 2016-12-15 11:32, Kevin A. McGrail wrote: > I'm a fan of MIMEDefang but I am not very familiar with Arch Linux so > I don't know what mta you are using nor its capabilities. By now I have heard of MIMEDefang many times, and each time I wanted to try it. But it seems to require the milter int

Re: recent increase in spam getting through

2016-12-15 Thread Kevin A. McGrail
> There are many valuable SMTP realtime checks that must be done at > the edge MTA. Since you don't have control of this, then you have to > resort to tuning SA constantly which is a never-ending game of > cat-n-mouse since spam changes characteristics all of the time. That was unfortunately my

Re: recent increase in spam getting through

2016-12-15 Thread David Jones
>From: frede...@ofb.net >Sent: Thursday, December 15, 2016 11:26 AM >To: David Jones >Cc: users@spamassassin.apache.org >Subject: Re: recent increase in spam getting through   >I'm using a friend's MTA, which is perhaps the source of the recent >change - I'

Re: recent increase in spam getting through

2016-12-15 Thread frederik
20d4" On Thu, Dec 15, 2016 at 04:42:16PM +, David Jones wrote: > >From: frede...@ofb.net > >Sent: Thursday, December 15, 2016 9:33 AM > >To: users@spamassassin.apache.org > >Subject: recent increase in spam getting through >   > >    X-Spam-Status: No,

Re: recent increase in spam getting through

2016-12-15 Thread David Jones
>From: frede...@ofb.net >Sent: Thursday, December 15, 2016 9:33 AM >To: users@spamassassin.apache.org >Subject: recent increase in spam getting through   >    X-Spam-Status: No, score=0.3 required=5.0 tests=BAYES_05,HTML_MESSAGE, >   RDNS_NONE,T_SPF_TEMPERROR autolearn=

Re: recent increase in spam getting through

2016-12-15 Thread John Hardin
On Thu, 15 Dec 2016, frede...@ofb.net wrote: sudo -u spamd sa-learn --showdots -D 1 --ham --dir ~/mail/folders/inbox Bad idea. That learns as ham any FNs you haven't yet noticed and removed from your inbox. You should only learn as ham messages that you have explicitly reviewed and judged

Re: recent increase in spam getting through

2016-12-15 Thread Kevin A. McGrail
On 12/15/2016 11:24 AM, frede...@ofb.net wrote: No, I only run Spamassassin. I take it that 'clamav' would improve things. I don't have numbers in front of me, but these malicious payloads with zips are quite common but we don't What do you mean "if you are using an engine that can do it"? Spam

Re: recent increase in spam getting through

2016-12-15 Thread frederik
Hi Kevin, Thanks for your reply. On Thu, Dec 15, 2016 at 11:07:33AM -0500, Kevin A. McGrail wrote: > On 12/15/2016 10:33 AM, frede...@ofb.net wrote: > > Dear Spamassassin, > > > > I've seen a recent increase in spam getting through Spamassassin... > > I've

Re: recent increase in spam getting through

2016-12-15 Thread Kevin A. McGrail
On 12/15/2016 10:33 AM, frede...@ofb.net wrote: Dear Spamassassin, I've seen a recent increase in spam getting through Spamassassin... I've been getting groups of spam messages which have the same subject, often with zip attachments. Here's a screenshot from Mutt: It

recent increase in spam getting through

2016-12-15 Thread frederik
Dear Spamassassin, I've seen a recent increase in spam getting through Spamassassin... I've been getting groups of spam messages which have the same subject, often with zip attachments. Here's a screenshot from Mutt: 36604 N * Dec 15 %GIRL_NAME Lyon (0.2K) Re: Healthy soul