Re: google netblocks records etc

2008-06-03 Thread Benny Pedersen
On Tue, June 3, 2008 08:32, Henrik K wrote: >> What I am talking about is not greylisting google based upon those addresses >> and sending right to SA for scoring try spf, and skip greylist based on pass, well still not good since spammers can also use spf, but still a lot better than below here

Re: google netblocks records etc

2008-06-03 Thread Henrik K
On Tue, Jun 03, 2008 at 11:56:41AM +0200, Benny Pedersen wrote: > > On Tue, June 3, 2008 08:32, Henrik K wrote: > > >> What I am talking about is not greylisting google based upon those > >> addresses > >> and sending right to SA for scoring > > try spf, and skip greylist based on pass, well st

Re: google netblocks records etc

2008-06-03 Thread mouss
Benny Pedersen wrote: On Tue, June 3, 2008 08:32, Henrik K wrote: What I am talking about is not greylisting google based upon those addresses and sending right to SA for scoring try spf, and skip greylist based on pass, well still not good since spammers can also use spf, but still

Re: google netblocks records etc

2008-06-03 Thread mouss
Robert - elists wrote: Since they seem to have zillions of outbound mx machines I did this in response to some email latency issues. dig google.com txt google.com. 31 IN TXT "v=spf1 include:_netblocks.google.com ~all" then i dig _netblocks.google.com txt _netblocks

Re: google netblocks records etc

2008-06-03 Thread Benny Pedersen
On Tue, June 3, 2008 12:38, mouss wrote: > I think he meant whitelisting when the rDNS is verified (FcrDNS) by a > "double lookup". That's what a postfix check_client_access will do. whitelist_dnsname in policyd does it, i will test if postfix does the same, thanks for pointing it out :-) Benn

Re: google netblocks records etc

2008-06-03 Thread Benny Pedersen
On Tue, June 3, 2008 12:34, Henrik K wrote: > Do you have access to google's DNS? only use it from spf > http://en.wikipedia.org/wiki/Forward_Confirmed_reverse_DNS i know this fact, but OP question only based on reverse :/ Benny Pedersen

Re: google netblocks records etc

2008-06-03 Thread D Hill
On Tue, 3 Jun 2008 at 15:42 +0300, [EMAIL PROTECTED] confabulated: On Tue, Jun 03, 2008 at 02:02:29PM +0200, Benny Pedersen wrote: http://en.wikipedia.org/wiki/Forward_Confirmed_reverse_DNS i know this fact, but OP question only based on reverse :/ One should always assume "reverse" means

Re: google netblocks records etc

2008-06-03 Thread Henrik K
On Tue, Jun 03, 2008 at 02:02:29PM +0200, Benny Pedersen wrote: > > > http://en.wikipedia.org/wiki/Forward_Confirmed_reverse_DNS > > i know this fact, but OP question only based on reverse :/ One should always assume "reverse" means _confirmed_ reverse. I don't know why anyone would assume other

Re: google netblocks records etc

2008-06-03 Thread mouss
D Hill wrote: [snip] In Postfix: reject_unknown_reverse_client_hostname Reject the request when the client IP address has no address->name mapping. reject_unknown_client_hostname Reject the request when 1) the client IP address->name mapping fails, 2) the name->address mappi

Re: google netblocks records etc

2008-06-03 Thread Henrik K
On Tue, Jun 03, 2008 at 01:08:07PM +, D Hill wrote: > On Tue, 3 Jun 2008 at 15:42 +0300, [EMAIL PROTECTED] confabulated: > >> On Tue, Jun 03, 2008 at 02:02:29PM +0200, Benny Pedersen wrote: >>> http://en.wikipedia.org/wiki/Forward_Confirmed_reverse_DNS >>> >>> i know this fact, but OP ques

Re: google netblocks records etc

2008-06-03 Thread D Hill
On Tue, 3 Jun 2008 at 16:15 +0300, [EMAIL PROTECTED] confabulated: On Tue, Jun 03, 2008 at 01:08:07PM +, D Hill wrote: On Tue, 3 Jun 2008 at 15:42 +0300, [EMAIL PROTECTED] confabulated: On Tue, Jun 03, 2008 at 02:02:29PM +0200, Benny Pedersen wrote: http://en.wikipedia.org/wiki/Forward

Re: google netblocks records etc

2008-06-03 Thread D Hill
On Tue, 3 Jun 2008 at 15:30 +0200, [EMAIL PROTECTED] confabulated: D Hill wrote: [snip] In Postfix: reject_unknown_reverse_client_hostname Reject the request when the client IP address has no address->name mapping. reject_unknown_client_hostname Reject the request when 1) the

Re: google netblocks records etc

2008-06-03 Thread Leonardo Rodrigues Magalhães
Benny Pedersen wrote: whitelist_dnsname in policyd does it, i will test if postfix does the same, thanks for pointing it out :-) policyd does whitelist_dnsname based on reverse passed by postfix. policyd itself does NOT reverse lookups. The good is that postfix only passes rev

Re: google netblocks records etc

2008-06-03 Thread Leonardo Rodrigues Magalhães
Robert - elists wrote: Since they seem to have zillions of outbound mx machines Are most of you whitelisting these blocks ? has anyone noticed if these are pretty static or do these TXT records change frequently or otherwise? the only whitelist i apply to gmail is whitelist their s

List of Banks often spoofed in Phishing scams

2008-06-03 Thread Marc Perkel
Here's a short list of banks often spoofed in phishing scams. I'm using this list as follows: If the FCrDNS matches one of these domains it is ham. If the sender or from address matches one of these domains and the domain doesn't appear in the Received headers - it's a phish. If anyone has an

RE: google netblocks records etc

2008-06-03 Thread Robert - elists
> > I think he meant whitelisting when the rDNS is verified (FcrDNS) by a > "double lookup". That's what a postfix check_client_access will do. > > [snip] Mouss I think I wanted to whitelist inside my greylist the google IP netblocks space. They have a zillion outbound MX servers and some cli

Re: More Cyrillic spams

2008-06-03 Thread Matus UHLAR - fantomas
On 02.06.08 20:09, Giovanni Mancuso wrote: > i replaced my Sophos Antispam, with Amavis that use Mail::SpamAssassin > library. > The spam has reduced but i receive many spam emails in Cyrillic. In my > local.cf file i write: >ok_languages all >ok_locales all it's the same as if you did

Re: spamd on a remote server - user_prefs

2008-06-03 Thread Jari Fredriksson
> On Mon, June 2, 2008 22:29, Jari Fredriksson wrote: > Ours works just fine across multiple MX server calling multiple spamd servers with a replicated mysql backend. >>> just a shame this does not work with amavisd :/ >> Works fine. I use amavisd, but I have disabled its >> SpamAssassi

Re: List of Banks often spoofed in Phishing scams

2008-06-03 Thread Kelson
Marc Perkel wrote: If the FCrDNS matches one of these domains it is ham. If the sender or from address matches one of these domains and the domain doesn't appear in the Received headers - it's a phish. citibank.com It's worth noting that Citibank still sometimes uses other domains. I've see

Re: google netblocks records etc

2008-06-03 Thread mouss
Robert - elists wrote: I think he meant whitelisting when the rDNS is verified (FcrDNS) by a "double lookup". That's what a postfix check_client_access will do. [snip] Mouss I think I wanted to whitelist inside my greylist the google IP netblocks space. They have a zillion outbound MX s

Re: spamd on a remote server - user_prefs

2008-06-03 Thread Benny Pedersen
On Tue, June 3, 2008 18:10, Jari Fredriksson wrote: > I do it with amavis so, that I disable SA from amavis, and use spamc/spamd > instead. why not get rid of amavis ? > Still using my amavis for viruses, so I'm all good with amavis ;D use clamsmtp but you will soon see that amavis does more

Re: spamd on a remote server - user_prefs

2008-06-03 Thread Jari Fredriksson
> On Tue, June 3, 2008 18:10, Jari Fredriksson wrote: > >> I do it with amavis so, that I disable SA from amavis, >> and use spamc/spamd instead. > > why not get rid of amavis ? > >> Still using my amavis for viruses, so I'm all good with >> amavis ;D > > use clamsmtp > > but you will soon se

Re: List of Banks often spoofed in Phishing scams

2008-06-03 Thread Joseph Brennan
--On Tuesday, June 3, 2008 9:32 -0700 Kelson <[EMAIL PROTECTED]> wrote: Marc Perkel wrote: If the FCrDNS matches one of these domains it is ham. If the sender or from address matches one of these domains and the domain doesn't appear in the Received headers - it's a phish. citibank.com It'

Re: List of Banks often spoofed in Phishing scams

2008-06-03 Thread Patrick McLean
royalbankofcanada.com This is the wrong URL for the Royal Bank, it appears to be a domain camping site. Generally RBC's emails come from rbc.com, they also own royalbank.com, royalbank.ca, rbcroyalbank.ca and rbcroyalbank.com. Also you can add: desjardins.com I get a fair number of phishing

Re: List of Banks often spoofed in Phishing scams

2008-06-03 Thread Marc Perkel
Patrick McLean wrote: royalbankofcanada.com This is the wrong URL for the Royal Bank, it appears to be a domain camping site. Generally RBC's emails come from rbc.com, they also own royalbank.com, royalbank.ca, rbcroyalbank.ca and rbcroyalbank.com. Also you can add: desjardins.com I get

(whitelisted) but not in my whitelist

2008-06-03 Thread falstaff
I am getting dozens of Spam email pass thru spamassassin with the header: X-Lennon.Postino-Lennon_June_2008_MailScanner-SpamAssassinCheckv3.2.4: not spam (whitelisted), SpamAssassin (not cached, score=15.769, required 4.1, autolearn=spam, DATE_IN_FUTURE_12_24 3.30, RCVD_IN_BL_SPA

Re: (whitelisted) but not in my whitelist

2008-06-03 Thread Theo Van Dinter
On Tue, Jun 03, 2008 at 08:41:32PM -0700, [EMAIL PROTECTED] wrote: > X-Lennon.Postino-Lennon_June_2008_MailScanner-SpamAssassinCheckv3.2.4: not > spam (whitelisted), > SpamAssassin (not cached, score=15.769, required 4.1, autolearn=spam, > DATE_IN_FUTURE_12_24 3.30, RCVD_IN_BL_SPAMCOP_