Hi Steve,
Thanks for the info.
However the version of MailScanner that i use does not support this
attribute.
Is there other place were i can add this header.
Kindly regards,
Yossi
Steve Freegard-2 wrote:
>
> Matt Kettler wrote:
>> yossim wrote:
>>> Hi forum, I am running MailScanner integr
> -Original Message-
> From: news [mailto:[EMAIL PROTECTED] On Behalf Of René Berber
> Sent: 22 August 2007 07:42
> To: users@spamassassin.apache.org
> Subject: Re: BOTNET Exceptions for Today
>
> John Rudd wrote:
>
> > René Berber wrote:
> >> Here's a good example of why Botnet's default
On 22.08.07 11:47, Sg wrote:
> Suddenly my collegue mails are recieved as spam by 3.1.7 SA. I added to
> them on white list entry. Why it comes like this suddenly? any solution?
maybe your colleague got onto blacklist?
Hard to say without seeing headers
--
Matus UHLAR - fantomas, [EMAIL PROTECTED
Hi!
Suddenly my collegue mails are recieved as spam by 3.1.7 SA. I added to
them on white list entry. Why it comes like this suddenly? any solution?
maybe your colleague got onto blacklist?
Hard to say without seeing headers
Or is he using a image as footer, with the current SA rules you ge
yossim wrote:
Hi Steve,
Thanks for the info.
However the version of MailScanner that i use does not support this
attribute.
Is there other place were i can add this header.
No - you'll have to upgrade MailScanner if you want to be able to do
this (it isn't hard).
Kind regards,
Steve.
Hello all!
Im using Postfix as MTA and use the procmailrc script in each $HOME dir to
filter and delete spam immeditately before it get's into the user's mailbox.
For some users I do have to send all incoming mail for [EMAIL PROTECTED] to
another mailserver [EMAIL PROTECTED] by using the /etc/
header __RCVD_IN_JMFILTER
eval:check_rbl('JMFILTER','hostkarma.junkemailfilter.com.')
describe __RCVD_IN_JMFILTER Sender listed in JMFILTER
tflags __RCVD_IN_JMFILTER net
header RCVD_IN_JMFILTER_W eval:check_rbl_sub('JMFILTER', '127.0.0.1')
describe RCVD_IN_JMFILTER_W Sender listed in JMFILTER-WH
Sg wrote:
> Hi
>
> Suddenly my collegue mails are recieved as spam by 3.1.7 SA. I added
> to them on white list entry. Why it comes like this suddenly? any
> solution?
could be anything. Got an X-Spam-Status to provide us a clue?
Well, maybe I didn't explain it properly we are not providing relay for the
outgoing mail, we are only filtering for viruses/spam the incoming mails and
the part that are junk of them are the ones bouncing to us and giving
problems.
Relay service is a non-op in the current spam war. If you
> do
Hello all,
I have two mailservers, a primary and a secondary MX.
The primary MX is a spamassassin (3.2.3 on Ubuntu Linux) box that is
placed inline of a MS Exchange machine.
Spamassassin is doing a good job, especialy with the RBL's I am using.
The backup MX is a simple EXIM which does only for
hi --
What you want is the VBounce ruleset, including in SpamAssassin 3.2.x or
downloadable for 3.1.x here:
http://wiki.apache.org/spamassassin/VBounceRuleset . It's designed
to deal with exactly what you're describing.
--j.
sacoo sacoo writes:
> Well, maybe I didn't explain it properly we are
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Rense Buijen schrieb:
> The problem now lies with the RBL's, when the SA box dies, the mail will
> be queued on my Exim box and when service is restored, it will forward
> it again BUT the last "Received from:" path will be of course the Exim
> host
Hi Matthias,
Thank you for your (quick) reply.
I cannot utilize the trusted_networks settings because I cannot trust
the mail that my backup MX sends to me.
The backup MX does NO filtering at all, it just accepts ALL mail that
has a certain destination domain and then forwards it to the Prima
Hi
I cannot utilize the trusted_networks settings because I cannot trust
the mail that my backup MX sends to me.
The backup MX does NO filtering at all, it just accepts ALL mail that
has a certain destination domain and then forwards it to the Primary
MX where SA is running, SA is doing all t
Hi Matthias,
Thank you for your (quick) reply.
I cannot utilize the trusted_networks settings because I cannot trust
the mail that my backup MX sends to me.
The backup MX does NO filtering at all, it just accepts ALL mail that
has a certain destination domain and then forwards it to the Prima
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Rense Buijen schrieb:
> Thank you for your (quick) reply.
> I cannot utilize the trusted_networks settings because I cannot trust
> the mail that my backup MX sends to me.
But your backup MX is "trusted" in the sense that it will not forge
sender a
Hi Pawel,
I dont think I can check the recipient, if it doesnt exist the
mailserver should send a normal bounce like every mailserver does,
right? So does the primary machine (Exchange) I dont see a problem with
that.
Do you know if there is another good setup without having to sync all my
Mathhias,
The problem is that when the mail enters the backup MX, we dont know if
that mail is blacklisted at for instance spamcop.
So if the backup mx accepts the mail (because it's dumb and it will
accept it), and my primary mx (SA) has set the backup mx as trusted
network/source, the mail w
Thats the one
Ben
On 8/22/07, Rense Buijen <[EMAIL PROTECTED]> wrote:
>
> ...thats it? So it will skip the IP of the second MX and do an RBL check
> against the IP who'm delivered it to the second MX? COOL! I thought it
> would just ignore everything and pass on the mail Thanks!
>
> Ben O'Har
Rense Buijen wrote:
> Mathhias,
>
> The problem is that when the mail enters the backup MX, we dont know
> if that mail is blacklisted at for instance spamcop.
> So if the backup mx accepts the mail (because it's dumb and it will
> accept it), and my primary mx (SA) has set the backup mx as truste
On Wed, 22 Aug 2007, Euroka wrote:
> For some users I do have to send all incoming mail for
> [EMAIL PROTECTED] to another mailserver [EMAIL PROTECTED] by using
> the /etc/postfix/virtual file.
That bypasses local delivery.
> So how can I delete all SPAM immediately before it's being
> forwarded
Thanks a lot all, it's all clear to me now!
I though that the trusted networks mean that the message will just be
passed it it came from that source.
I didnt know it will skip to the next "Received" IP. Thanks a lot.
One question about the "backscatter" problem though, if I understand
correctl
Thanks again to everybody who responded, and steered me in the right direction.
I'm very close to getting John Simpson's validrcptto qmail patch described at
http://qmail.jms1.net/patches/validrcptto.cdb.shtml in place on the mailhub
machine to prevent passing Rumpelstiltskin problem e-mail
Hi all,
Having problems getting PDFInfo to load.
Basic machine info:
Sun Solaris 5.9
perl v5.8.9
spamassassin v3.2.2
PDFInfo v0.8
init.pre entry: loadplugin Mail::SpamAssassin::Plugin::PDFInfo
/etc/mail/spamassassin/plugins (which is where I ha
Rense Buijen wrote on Wed, 22 Aug 2007 16:01:09 +0200:
> I think Exchange is configured the right way
> in such a way that it knows what users it has on the system..
But your backup MX doesn't. As you say you are taking in all mail, forward
it to primary and then bounce it back to the sender. B
On Wed, 22 Aug 2007 at 10:21 -0400, [EMAIL PROTECTED] confabulated:
Hi all,
Having problems getting PDFInfo to load.
Basic machine info:
Sun Solaris 5.9
perl v5.8.9
spamassassin v3.2.2
PDFInfo v0.8
init.pre entry: loadplugin Mail::SpamAssassin
Hi Kai,
I didn't know that a backup MX can lead to more trouble then having just
one, gee, I thought it was a good thing but it turned out to be a quite
bad one :)
I'll go and use LDAP on the second MX to make sure the remote user
exists, otherwise drop it silently.
It's indeed getting a bit o
Rense Buijen wrote:
> Thanks a lot all, it's all clear to me now!
> I though that the trusted networks mean that the message will just be
> passed it it came from that source.
> I didnt know it will skip to the next "Received" IP. Thanks a lot.
>
> One question about the "backscatter" problem thou
On 8/22/07, Justin Mason <[EMAIL PROTECTED]> wrote:
>
>
> hi --
>
> What you want is the VBounce ruleset, including in SpamAssassin 3.2.x or
> downloadable for 3.1.x here:
> http://wiki.apache.org/spamassassin/VBounceRuleset . It's designed
> to deal with exactly what you're describing.
Yeah I s
At 10:35 AM 8/22/2007, Duane Hill wrote:
On Wed, 22 Aug 2007 at 10:21 -0400, [EMAIL PROTECTED] confabulated:
Hi all,
Having problems getting PDFInfo to load.
Basic machine info:
Sun Solaris 5.9
perl v5.8.9
spamassassin v3.2.2
PDFInfo v0.8
I think it might be easier if you would simply have a conversation with
the techy folks at your customers- invite them to configure THEIR system
so that either everything from YOUR system is OK no matter what spam
status it has (they can route it to bit-bucket or whatever) or turn off
the reject-no
Per Jessen wrote:
> I have seen this once or twice, but still very rarely - spamd will
> fail to restart after receiving a SIGHUP. It stops, but does not
> restart. There's nothing in the log to indicate why. Has anyone seen
> the same?
OK, this happened yesterday and now just again. Any sugg
On 8/22/07, Kevin Parris <[EMAIL PROTECTED]> wrote:
> I think it might be easier if you would simply have a conversation with
> the techy folks at your customers- invite them to configure THEIR system
> so that either everything from YOUR system is OK no matter what spam
> status it has (they can r
Per Jessen writes:
> Per Jessen wrote:
>
> > I have seen this once or twice, but still very rarely - spamd will
> > fail to restart after receiving a SIGHUP. It stops, but does not
> > restart. There's nothing in the log to indicate why. Has anyone seen
> > the same?
>
> OK, this happened yes
Rense Buijen wrote on Wed, 22 Aug 2007 16:43:19 +0200:
> I didn't know that a backup MX can lead to more trouble then having just
> one
Unfortunately, backup MXes attract spammers :-(. You could at least add
some more backup MXs (that don't exist) on top of that, that may help to
reduce the in
It's still not clear (at least to me) what you actually want to do and
what happens that creates a problem.
You provide virus scanning, but not spam scanning? And they reject the
"spam" coming from you? Is that what happens?
Visit them and take a big club with you. It's obviously *completely*
un
On 8/22/07, Kai Schaetzl <[EMAIL PROTECTED]> wrote:
> It's still not clear (at least to me) what you actually want to do and
> what happens that creates a problem.
> You provide virus scanning, but not spam scanning? And they reject the
> "spam" coming from you? Is that what happens?
> Visit them a
Is there a way to white list based on the IP using the Received from. We
have whitelisted our local domain but have noticed some that spoof our
domain. However the Received from tag is usually a different IP.
Is it good practice to whitelist using IP?
thanks
Dean
Dean Clapper wrote:
> Is there a way to white list based on the IP using the Received from.
> We have whitelisted our local domain but have noticed some that spoof
> our domain. However the Received from tag is usually a different IP.
>
> Is it good practice to whitelist using IP?
whitelist_from
On 8/22/07, Noel Jones <[EMAIL PROTECTED]> wrote:
>
> On 8/22/07, Kai Schaetzl <[EMAIL PROTECTED]> wrote:
> > It's still not clear (at least to me) what you actually want to do and
> > what happens that creates a problem.
> > You provide virus scanning, but not spam scanning? And they reject the
>
Hello,
I hoticed that even if much of dynamic ranges are detected, but there are
still some undetected.
chello.sk uses hostnames with full IP's and without delimiters, for example
chello085216200090.chello.sk, which do not match dynamic IP tests.
I wonder if someone could push such check into di
On 8/22/07, Rense Buijen <[EMAIL PROTECTED]> wrote:
>
> Thanks a lot all, it's all clear to me now!
> I though that the trusted networks mean that the message will just be
> passed it it came from that source.
> I didnt know it will skip to the next "Received" IP. Thanks a lot.
>
> One question abo
On 22 Aug 2007, John Rudd spake thusly:
> Nix wrote:
>> My ISP doesn't give me that option (well, OK, it probably gives *me*
>> that option because I can bug the ISP's technical director, but not
>> people who've posted bonds). I'd venture to guess that the vast majority of
>> small business UK IS
Hi,
Im using qmail,vpopmail,clamav,and SA 3.0.1 under RHEL4
We send newsletters frequently so I really understand that it will cost a
lot of cpu usage. I was thinking if I can setup the SA into a different
machine, not with the email server. So I can gain more cpu usage. when it
goes to 99 to 10
On Wed, 22 Aug 2007, Rense Buijen wrote:
> I didn't know that a backup MX can lead to more trouble then
> having just one, gee, I thought it was a good thing but it turned
> out to be a quite bad one :)
It *is* a good idea. You just can't cheap out on configuring it.
Ideally, your backup MXs sh
> Hi,
>
> Im using qmail,vpopmail,clamav,and SA 3.0.1 under RHEL4
>
> We send newsletters frequently so I really understand
> that it will cost a lot of cpu usage. I was thinking if I
> can setup the SA into a different machine, not with the
> email server. So I can gain more cpu usage. when it g
So sir, I can just setup an updated verision of SA in a different server and
configure it to scan remote servers? can u please send a link how to that..
Im not that good yet..:working:
Linooks wrote:
>
> Hi,
>
> Im using qmail,vpopmail,clamav,and SA 3.0.1 under RHEL4
>
> We send newsletters fr
* Linooks <[EMAIL PROTECTED]>:
>
> Hi,
>
> Im using qmail,vpopmail,clamav,and SA 3.0.1 under RHEL4
>
> We send newsletters frequently so I really understand that it will cost a
> lot of cpu usage.
Why would it? Can't you inject the newsletter in such a way that it
circumvents SA & clamav?
--
Thats also my problem, I did not set this email server..
How would I do what you recommend?
Thanks,
Ralf Hildebrandt wrote:
>
> * Linooks <[EMAIL PROTECTED]>:
>>
>> Hi,
>>
>> Im using qmail,vpopmail,clamav,and SA 3.0.1 under RHEL4
>>
>> We send newsletters frequently so I really understand
On Wed, 22 Aug 2007, Linooks wrote:
> Thats also my problem, I did not set this email server..
>
> How would I do what you recommend?
First question: how is SA being called? Then we can offer advice.
--
John Hardin KA7OHZhttp://www.impsec.org/~jhardin/
[EMAIL PROTECTED]
I have no idea, but I think the server uses simscan to call clam and SA. I
hope that helps..
John D. Hardin wrote:
>
> On Wed, 22 Aug 2007, Linooks wrote:
>
>> Thats also my problem, I did not set this email server..
>>
>> How would I do what you recommend?
>
> First question: how is SA bein
On Mon, 20 Aug 2007, Duane Hill wrote:
On Mon, 20 Aug 2007 at 16:24 -0600, [EMAIL PROTECTED] confabulated:
On Fri, 17 Aug 2007, Eric A. Hall wrote:
On 8/16/2007 12:39 PM, Marc Perkel wrote:
OK - it's interesting that of all of you who responded this is the only
person who is doing it right
On Mon, 20 Aug 2007, David B Funk wrote:
On Mon, 20 Aug 2007, Duane Hill wrote:
On Mon, 20 Aug 2007 at 16:24 -0600, [EMAIL PROTECTED] confabulated:
[snip..]
I have to second that... In the early days when spammers were just
getting started, we started using some RBL's at the MTA level. O
Linooks wrote:
I have no idea, but I think the server uses simscan to call clam and SA. I
hope that helps..
If you are using simscan you can add
[EMAIL PROTECTED]:spam=no,clam=yes
to the /var/qmail/control/simcontrol file and then run
/var/qmail/bin/simscanmk.
[EMAIL PROTECTED] is the em
Cool!! i will try this one,, a very big thanks!! muah! I think this will
work!
Rick Macdougall-2 wrote:
>
> Linooks wrote:
>> I have no idea, but I think the server uses simscan to call clam and SA.
>> I
>> hope that helps..
>>
>>
>
> If you are using simscan you can add
>
> [EMAIL PROTECTE
Michael Chapman wrote:
Well, nothing has worked so far ... every message that I have coming
in (except for the specifically white-listed messages from this
mailing list) have USER_IN_BLACKLIST flagged. Where on earth is it
getting this? You've seen my local.cf, I don't have a user_prefs
anym
On Wed, 22 Aug 2007, maillist wrote:
*PLEASE* prune your replies.
> You may want to try to turn off bayes_auto_learn or just turn off
> bayes all together. Maybe your bayes have become corrupt.
How would bayes cause the USER_IN_BLACKLIST rule to fire?
--
John Hardin KA7OHZ
Justin Mason wrote:
> Per Jessen writes:
>> Per Jessen wrote:
>>
>>> I have seen this once or twice, but still very rarely - spamd will
>>> fail to restart after receiving a SIGHUP. It stops, but does not
>>> restart. There's nothing in the log to indicate why. Has anyone seen
>>> the same?
>> O
58 matches
Mail list logo
