Re: Moving Spam to Junk Folder

2020-09-03 Thread David B Funk
On Thu, 3 Sep 2020, bobby wrote: I am following this tutorial:  https://www.linuxbabe.com/redhat/spamassassin-centos-rhel-block-email-spam. I followed the steps in "Move Spam into the Junk Folder".  When I send an email from a blacklisted e-mail address, I get a bounce e-mail from my e-mail ser

Re: Problem installing sa on my pi 3b+

2021-04-08 Thread David B Funk
On Fri, 9 Apr 2021, spamassas...@mach2.franken.de wrote: Am 07.04.2021 um 12:27 schrieb Antony Stone: I am running said packet install from an internet tutorial. Who wrote that tutorial and where does it point you to get the packages from? Antony. Hmm, it says execute the following comm

Re: SA seems powerless against marketing emails for SEO/web development

2021-04-22 Thread David B Funk
On Thu, 22 Apr 2021, Matus UHLAR - fantomas wrote: On 22.04.21 14:21, Steve Dondley wrote: pts rule name description -- -- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/,

Re: Why single periods in regex in spamassassin rules?

2021-04-23 Thread David B Funk
On Fri, 23 Apr 2021, Steve Dondley wrote: I'm looking at KAM.cf. There is this rule: body __KAM_WEB2 /INDIA based IT|indian.based.website|certified.it.company/i I'm wondering if there is a good reason why a single period is used instead of something like \s+ which would catch multiple sp

Re: Another evil number

2021-06-25 Thread David B Funk
On Fri, 25 Jun 2021, Greg Troxel wrote: RW writes: You can reach out to our Customer Support Team+1 (800) 781 - 2511. Is it common in the US to put 800 in brackets like that? In my experience brackets normally go around either country codes or area codes, digits that may be optional.

Re: Identifying Amazon hosts...

2021-07-28 Thread David B Funk
On Wed, 28 Jul 2021, Antony Stone wrote: On Wednesday 28 July 2021 at 19:51:49, Pedro David Marco wrote: Hi! i have spam with this header: Received: from a48-115.smtp-out.amazonses.com (HELO a48-115.smtp-out.amazonses.com) (54.240.48.115) Is there any way, based on its fqdn, to know whether

Re: Customise hostname shown in X-Spam-Checker-Version?

2021-07-30 Thread David B Funk
On Fri, 30 Jul 2021, David Bürgin wrote: David Bürgin: Resolved. Perhaps the documentation should be updated. There are notes for options ‘remove_header’ and ‘clear_headers’ that ‘X-Spam-Checker-Version is not removable’, so a straightforward fix to the documentation would be replacing senten

Re: CVD_IN_DNSWL_HI ?

2021-10-11 Thread David B Funk
On Mon, 11 Oct 2021, Jerry Malcolm wrote: I am getting tons of emails that are very obviously spam (elongation, russian beauties, etc) that are getting a -5 score added on the white list test: CVD_IN_DNSWL_HI RBL: Sender listed at https://www.dnswl.org/, high trust I'm curious about the usef

Re: CVD_IN_DNSWL_HI ?

2021-10-11 Thread David B Funk
On Mon, 11 Oct 2021, David B Funk wrote: On Mon, 11 Oct 2021, Jerry Malcolm wrote: I am getting tons of emails that are very obviously spam (elongation, russian beauties, etc) that are getting a -5 score added on the white list test: CVD_IN_DNSWL_HI RBL: Sender listed at https

Re: handle_user and connect to spamd failed

2021-10-19 Thread David B Funk
On Tue, 19 Oct 2021, Linkcheck wrote: Ok, thanks, Dave. '--helper-home-dir' option needs an '=' Also, --max-children? I have been playing with options based on suggestions here. I now have the spamassassin options as: OPTIONS="--nouser-config -4 -i 127.0.0.1 --max-children=5 --helper-ho

Re: Emails from gmail.com bypassing Spamassassin scoring

2022-02-07 Thread David B Funk
How big was the message? (attached images can be pretty big). Depending on the "glue" you use to connect your mail MTA to SA, it may have some kind of size restriction. For example, the 'spamc' client has a 'max-size' parameter (which defaults to 500KB). Any message larger than that size will

Re: info: dns: bad dns reply: bgread: recv() failed

2022-09-28 Thread David B Funk
On Thu, 29 Sep 2022, Matus UHLAR - fantomas wrote: [snip..] /usr/local/share/perl/5.28.1/Mail/SpamAssassin/DnsResolver.pm line 742, line 189. Wed Sep 28 21:46:55 2022 [9418] info: dns: bad dns reply: bgread: recv() failed: Connection refused at /usr/local/share/perl/5.28.1/Mail/SpamAssassin/D

Re: Aw: Re: info: dns: bad dns reply: bgread: recv() failed

2022-09-29 Thread David B Funk
On Thu, 29 Sep 2022, Maurizio Caloro wrote: First let me thanks for your quick help, yes now are running:-) mistake: named.conf.options -listen-on { A.B.C.D, localhost; }; +listen-on { any; }; After this, the error in Spamd.log disappear, great! Your mistake is that 'local

Re: How do I check for a jpeg attachment?

2022-10-03 Thread David B Funk
On Mon, 3 Oct 2022, Loren Wilton wrote: I'm getting a bunch of spams from fake gmail accounts that consist of one short line of text and a 2 MB jpg file. The subject and body text are pretty much random beyond that. How do I check for the following? --e345f305ea2680cd Content-Type

Re: Rule Help - not sure what is wrong with my syntax

2023-01-13 Thread David B Funk
On Sat, 14 Jan 2023, Benny Pedersen wrote: Benny Pedersen skrev den 2023-01-14 03:59: header TO_SPECIFIC_DOMAIN To:addr =~ /\@(test|junc)\.(com|net|eu)$/ describe TO_SPECIFIC_DOMAIN Mail sent to test.com or test.net email addresses score TO_SPECIFIC_DOMAIN -0.5 tested works if i mail myself :=

Re: comparing sender domain against recipient domain

2023-05-11 Thread David B Funk
what useful information would you be looking for from this kind of comparison? All the time I receive mail from people with non-local domains and regularly receive e-mail from co-workers using the same domain as me. The kind of things that might be useful are: 1) detecting local-domain forger

Re: SpamAssassin repeatedly fails to start

2023-07-12 Thread David B Funk
On Wed, 12 Jul 2023, Wingfully Team via users wrote: Hi, I’m using SpamAssassin 3.4.0 on a VPS hosted by Hostinger with CentOS 7. CyberPanel was installed by Hostinger. I am constantly (every 90 seconds) seeing spamassassin fail to start, seemingly because it can’t find the PID file. I’m sen

Re: Sudden surge in spam appearing to come from my email address

2023-07-14 Thread David B Funk
Assuming you own/manage your infrastructure it should be straight-forward. Create SPF records for your domain & SMTP server, set them to either soft or hard fail mode. If you can, also set up DKIM signing of your outgoing mail. Then create rules that look for your from address in a message

Re: Ensuring SPF/DKIM for @gmail.com

2023-07-25 Thread David B Funk
If you do that you will guarantee yourself to get bunches of spam that might otherwise be tagged by SA. the "welcomelist" mechanism says: Anybody who matches this criteria we consider strongly not to be spam (regardless of how spammy all the other metrics may say it is). You should "welco

Re: Really hard-to-filter spam

2023-07-27 Thread David B Funk
On Fri, 28 Jul 2023, Jared Hall wrote: On 7/27/2023 12:08 PM, Ken D'Ambrosio wrote: Hey, all. I've recently started getting spam that's really hard to deal with, and I'm open to suggestions as to how to approach it. Superficially, [snip..] The damn body's been encoded!  And there's so little

Re: Really hard-to-filter spam

2023-08-02 Thread David B Funk
On Wed, 2 Aug 2023, Thomas Cameron via users wrote: Thank you very much. The message that slipped through today was NOT one of the ones being discussed in this thread, it was a different format and totally different message. I only included it to demonstrate that my server was not being reject

Re: OT - Re: DNFTEC - was My apologies

2023-08-05 Thread David B Funk
On Sat, 5 Aug 2023, Grant Taylor via users wrote: On 8/5/23 6:42 PM, Martin Gregorie wrote: Yes given that he is Sorry, I was asking for differences between Energy Creatures and Trolls. I agree with your advice about the particular EC / T. I'm still trying to understand the conceptual differ

Re: Scoring Explanation Please

2023-08-30 Thread David B Funk
Denny, If you read the fine manual for the spamassassin configuration file, in section for 'score SYMBOLIC_TEST_NAME n.nn [ n.nn n.nn n.nn ]' You'll see: If only one valid score is listed, then that score is always used for a test. If four valid scores are listed, then the score that i

Re: Order of handling whitelist/blacklist

2024-03-28 Thread David B Funk
On Thu, 28 Mar 2024, Philip Prindeville via users wrote: On Mar 28, 2024, at 2:39 AM, Matus UHLAR - fantomas wrote: On 27.03.24 20:56, Philip Prindeville via users wrote: I have something that looks like: whitelist_from_rcvd v...@yandex.ru vger.kernel.org blacklist_from *@yandex.ru And

Re: Question about sa-updates

2024-06-21 Thread David B Funk
On Sat, 22 Jun 2024, Paul Schmehl wrote: On Jun 22, 2024, at 12:28 AM, Kenneth Porter wrote: On 6/21/2024 8:56 PM, Paul Schmehl wrote: I scratched my head, then looked up the man page for sa-update on the web. Sure enough, that’s where the rules go. Is that where my local.c

Re: How to tell if DnsBlocklists are definitely being used by my Spamassassin setup

2015-11-30 Thread David B Funk
On Mon, 30 Nov 2015, Sebastian Arcus wrote: On 30/11/15 16:41, Reindl Harald wrote: Am 30.11.2015 um 17:24 schrieb Sebastian Arcus: OK - this might be a basic question, but recently the detection rate on my SA install has been really unreliable, so I decided that the first step is to be sure

Re: how to fix this issue-spam

2016-02-04 Thread David B Funk
On Thu, 4 Feb 2016, Reindl Harald wrote: DMARC is a combination of SPF and DKIM plus From: header spoofing check. You must get SPF and DKIM setup before adding the '_dmarc' DNS record for the sending domain tell me something new wait i tell you something (for you) new: DMARC and mailing-lists

Re: VERY_LONG_REPTO_SHORT_MSG

2016-02-26 Thread David B Funk
On Fri, 26 Feb 2016, Bowie Bailey wrote: On 2/26/2016 12:46 PM, Antony Stone wrote: On Friday 26 February 2016 at 18:14:53, Axb wrote: On 02/26/2016 06:04 PM, John Hardin wrote: On Fri, 26 Feb 2016, Reindl Harald wrote: score VERY_LONG_REPTO_SHORT_MSG 3.999 3.999 3.999 3.999 hea

Re: PDF files containing executables?

2016-03-03 Thread David B Funk
On Thu, 3 Mar 2016, Marc Perkel wrote: A customer of mine inquired about executable viruses inside of PDF files. Is that so? And if it is - is there any way of detecting executables inside of PDF? I don't know that PDFs can contain classical ".exe" type executables but they can clearly contai

Re: PDF files containing executables?

2016-03-03 Thread David B Funk
On Thu, 3 Mar 2016, Dianne Skoll wrote: On Thu, 3 Mar 2016 13:27:18 -0800 (PST) John Hardin wrote: [Dianne Skoll] However, many legitimate PDF files contain Javascript snippets. Blocking solely on that basis will lead to many FPs. I'd argue the "legitimate" part of that statement... :)

Re: PDF files containing executables?

2016-03-03 Thread David B Funk
On Thu, 3 Mar 2016, John Hardin wrote: On Thu, 3 Mar 2016, Dianne Skoll wrote: On Thu, 3 Mar 2016 13:03:44 -0800 Marc Perkel wrote: Thanks for the response. I'm in the spam filtering business and I'm wondering what I can use (from the command line?) to detect if a PDF has any kind of script

Re: DOS_OUTLOOK_TO_MX and fp

2016-03-04 Thread David B Funk
On Fri, 4 Mar 2016, Alex wrote: Hi, I have a legitimate mail that received 2.8 points, making it spam, as a result of what appears to be a false positive with DOS_OUTLOOK_TO_MX http://pastebin.com/dbm2Q4k6 There doesn't seem to be any desktop system involved, just direct communication with th

Re: Missed spam, suggestions?

2016-03-07 Thread David B Funk
On Mon, 7 Mar 2016, Charles Sprickman wrote: I’ve been running with some daily training for a little over a week and I’m seeing less spam in my inbox. I’ve seen a few things slip through because bayes tipped them below the default score, these were two phishing emails. Here’s some rule stats

Re: Missed spam, suggestions?

2016-03-08 Thread David B Funk
On Tue, 8 Mar 2016, Matus UHLAR - fantomas wrote: On Mar 8, 2016, at 7:31 AM, Matus UHLAR - fantomas wrote: how can these two stats be different? On 08.03.16 10:19, @lbutlr wrote: Because one is for SPAM and one is for HAM. On Mar 8, 2016, at 10:41 AM, Matus UHLAR - fantomas wrote: Wh

sa-stats log analyzer (RE: Missed spam, suggestions?)

2016-03-10 Thread David B Funk
to know how to get these stats too.   From: Robert Chalmers [mailto:rob...@chalmers.com.au] Sent: Tuesday, March 08, 2016 5:25 AM To: users@spamassassin.apache.org Subject: Re: Missed spam, suggestions?   Can I ask, how are you getting these stats please?   Thanks On 8 Mar 2016, at 05:11

Re: Abused accounts

2016-03-15 Thread David B Funk
On Tue, 15 Mar 2016, Kris Deugau wrote: Robert Boyl wrote: Hi, everyone Please check http://pastebin.com/GUBqpyZ8 Interesting how some spams that abuse some legit account such as this one are hard to detect, how Spamassassin scores almost nothing although there are spammy works, etc. System c

Re: BODY_URI_ONLY is broken

2016-03-25 Thread David B Funk
On Sat, 26 Mar 2016, Reindl Harald wrote: BODY_URI_ONLY Message body is only a URI in one line of text how can that hit the (anonymized) mail below? ___ Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable ** =C3=9Cbermittlung: in

Re: BODY_URI_ONLY is broken

2016-03-25 Thread David B Funk
On Sat, 26 Mar 2016, Reindl Harald wrote: Am 26.03.2016 um 04:21 schrieb Reindl Harald: Am 26.03.2016 um 03:54 schrieb David B Funk: On Sat, 26 Mar 2016, Reindl Harald wrote: BODY_URI_ONLY Message body is only a URI in one line of text how can that hit the (anonymized) mail below

Re: HEADS-UP: MIME_NO_TEXT matches Sendmail MIME DSNs

2016-03-29 Thread David B Funk
On Tue, 29 Mar 2016, Bill Cole wrote: On 29 Mar 2016, at 19:36, John Hardin wrote: So, a message that's explicitly multipart MIME but which has only one part? Or does it actually have multiple parts, just none are marked as text/plain? multipart/report; type=delivery-status. The standard MI

Re: Rule to score word documents

2016-03-30 Thread David B Funk
On Wed, 30 Mar 2016, Alex wrote: Hi, I'd like to assign a spamassassin score to received word documents (doc,docx,xls,xlsx) so they are quarantined on my UTM. I've tried the following which doesn't work. Can someone show me an example that should work? mimeheader DOC_ATTACHED Content-Type =~

Re: Macro virus fun

2016-04-06 Thread David B Funk
On Wed, 6 Apr 2016, Alex wrote: Hi, On Wed, Apr 6, 2016 at 3:12 AM, wrote: Alex skrev den 2016-04-06 02:40: http://pastebin.com/FTzbQcHb The Heuristics.OLE2.ContainsMacros rule is added by amavisd+clamav, but it's apparently not something that spamassassin can manipulate change clamd to

Bayes duplicate message detection algorithm?

2016-05-13 Thread David B Funk
What algorithm does Bayes use to detect that it has already 'seen' a given message? When I receive a bolus (say 40~60) of 'phish' messages from a compromised Hotmail/gmail/yahoo account which are mostly the same (body, many headers same, only recipients, Message-ID, Date, and a few Received he

Re: SA cannot block messages with attached zip

2016-05-20 Thread David B Funk
On Fri, 20 May 2016, Dianne Skoll wrote: On Fri, 20 May 2016 09:31:48 +0300 Emin Akbulut wrote: What do you suggest to fight these spams? ClamAV is basically useless. We do it the hard way. We list the contents of attached archives (using "lsar") and have filename-extension rules that blo

Re: PHP eval()'d code

2016-05-26 Thread David B Funk
On Thu, 26 May 2016, John Hardin wrote: On Thu, 26 May 2016, Reindl Harald wrote: Am 26.05.2016 um 20:50 schrieb RW: I noticed that Bayes is picking-up on very strong tokens from "eval" and "code" in headers like this: X-PHP-Originating-Script: 1013:global.php(1938) : eval()'d code

Re: Advice: why one relay evaluated and not the other

2016-06-08 Thread David B Funk
On Wed, 8 Jun 2016, jimimaseye wrote: On 08/06/2016 16:05, Matus UHLAR - fantomas [via SpamAssassin] wrote: note that if a server acts as your MX, it should be listed in internal_networks, no matter if other company manages it. That applies for backup MX servers for your dom

Re: SA bayes file db permission issue

2016-06-09 Thread David B Funk
On Thu, 9 Jun 2016, Yu Qian wrote: Yes, I am sure the path is correct, also, if the path is not correct, it will show 'db not present'. I tried to write a small perl script to open the db file, it failed too. so I think it maybe the file damaged during the mounting. but I don't know why this c

Re: why does that mail not get any bayes-classification

2016-06-10 Thread David B Funk
On Sat, 11 Jun 2016, Reindl Harald wrote: Am 10.06.2016 um 23:52 schrieb RW: On Fri, 10 Jun 2016 16:57:45 +0200 Reindl Harald wrote: see attachment, no bayes tag at all looks like a major bug somewhere In the absence of any debug it's hard to say. hence i attached the sample It is pos

Re: local uribl is not called

2016-06-13 Thread David B Funk
On Mon, 13 Jun 2016, Reindl Harald wrote: * the syntax seems to be correct * domain listed and dig answers correctly on the sa-machine * spamassassin -D < sample.eml 2> out.txt * grep for the uribl don't show any call uridnsbl URIBL_LOCAL uribl.thelounge.net. A body URIBL_LOCAL eval:

Re: how to write body rules to match 'tortured html' variations of text phrases?

2016-06-15 Thread David B Funk
On Thu, 16 Jun 2016, RW wrote: On Wed, 15 Jun 2016 13:40:25 -0700 (PDT) John Hardin wrote: On Wed, 15 Jun 2016, jaso...@mail-central.com wrote: and all the possible line-broken and "="-delimited variations? There's obviously a lot of them. That would have to be a rawbody rule AFAIK QP i

Re: USER_IN_WHITELIST

2016-07-06 Thread David B Funk
On Wed, 6 Jul 2016, Lorenzo Thurman wrote: I’ve been receiving some spam where spamassassin identifies the sender with  USER_IN_WHITELIST. These senders (or domains) are most definitely not in my whitelist. How can I get around this problem? Thanks SpamAssassin comes with some built-in whiteli

Re: SPF should always hit? SOLVED

2016-07-11 Thread David B Funk
On Mon, 11 Jul 2016, Reindl Harald wrote: Am 11.07.2016 um 19:30 schrieb RW: [snip..] It sounds like SA is not able to parse the envelope sender out of the headers. See the description for envelope_sender_header in man Mail::SpamAssassin::Conf SA has also a weakness or design mistake here

Re: question about filtering spam

2016-07-19 Thread David B Funk
On Tue, 19 Jul 2016, Jan-Kees van Kampen wrote: Hi John, It would be better if you could post a few spamples to something like pastebin or a webserver you control and send the URLs to the list so that we can see the complete raw messages. here are 3 examples: http://sandberg.nl/sp/ 1 and 2

Re: new Mail-SpamAssassin-Plugin-AttachmentPresent

2016-09-06 Thread David B Funk
On Tue, 6 Sep 2016, Alex wrote: Hi, Is there any ability to determine if a particular attachment has a Word macro enclosed in addition to just having a Word document? that's the job of clamav and the sa-plugin for it "OLE2BlockMacros yes" in case of a scored SA plugin won't block but add th

Re: new Mail-SpamAssassin-Plugin-AttachmentPresent

2016-09-06 Thread David B Funk
On Tue, 6 Sep 2016, Dianne Skoll wrote: On Tue, 6 Sep 2016 17:50:25 -0400 Alex wrote: [snip] Workbook_Open Document_Open Auto_Open AutoOpen Is there a simple way to identify whether the attachment/macro contains those listed functions, without the ab

Re: AW: X-Spam Tagging - Spam Status YESNO Flags - Sometimes not appended...

2016-09-16 Thread David B Funk
What do you see in your syslog reports from spamc? Is it reporting any errors? Please note the 'max-size' parameter for spamc: -s max_size, --max-size=max_size Set the maximum message size which will be sent to spamd -- any bigger than this threshold and the message will be return

Re: Custom rule based on AWL score

2016-10-20 Thread David B Funk
On Thu, 20 Oct 2016, John Hardin wrote: On Thu, 20 Oct 2016, Ian Zimmerman wrote: On 2016-10-20 08:34, simplerezo wrote: My understanding is that AWL is helping frequent senders who are known to not send spam to "reduce" their spam score, preventing false positive. That's exactly what I want

Re: version.h.pl show stopper

2016-11-18 Thread David B Funk
On Sat, 19 Nov 2016, Dan Jacobson wrote: $ svn checkout http://svn.apache.org/repos/asf/spamassassin/trunk /tmp/ee $ cd /tmp/ee $ echo|perl Makefile.PL PREFIX=/tmp/g $ make In the end you will see cd spamc /usr/bin/perl version.h.pl spamc/configure.pl: Can't exec `version.h.pl': No such file o

Re: Weird Spamassassin startup behaviour on Ubuntu 16.10

2016-12-05 Thread David B Funk
On Tue, 6 Dec 2016, Michael Heuberger wrote: Anyone? On 23/11/16 16:11, Michael Heuberger wrote: Hello folks New here :) I'm running Spamassassin v3.4.1 here on an headless Ubuntu 16.10 server together with Monit (and Postfix of course). Each time server restarts, Monit says first that th

Re: Increase BAYES_99 score?

2017-01-13 Thread David B Funk
On Fri, 13 Jan 2017, Bill Cole wrote: On 10 Jan 2017, at 10:55, Michael B Allen wrote: bayes_file_mode 0777 Don't do that. Ever. It is not necessary, despite having been propagated widely as a supposed solution for system-wide Bayes permission issues. The clear indicator that whoever devis

Re: List of trusted senders

2017-01-25 Thread David B Funk
On Wed, 25 Jan 2017, Benny Pedersen wrote: same as with clamav 3rd party spam signatures should not really have been in clamav, but on a sa channel, i know there is a perl script to make that 3rd party sigs back to sa, but it uses so much memory that it's not practical :( my solution to th

Re: New whitelisting trick using from and spf

2017-03-06 Thread David B Funk
On Mon, 6 Mar 2017, Alan Hodgson wrote: It seems it should be easy to setup “If mail claims to be From: PayPal.com and is not from PayPal, score +100” but it is not. This is what DMARC is for. Run opendmarc as a milter and reject failures. Or score later on DMARC failure, even if just selecti

Re: FREEMAIL_REPLYTO

2017-03-09 Thread David B Funk
On Fri, 10 Mar 2017, Michael Grant wrote: [snip..] The problem is caused by innocentbytan...@ymail.com IN THE BODY!   This seems a bit overzealous.  It seems like a bit of an over-reach to look at headers in the BODY of the message. This is an excellent rule except for this rude message body

Office-365 headers swamp Bayes

2017-03-15 Thread David B Funk
I'm having trouble with Bayes getting swamped by all the headers of Office-365 generated mail messages. Our campus has outsourced its Exchange mail servers to O-365 and migrated the bulk of user accounts to it. Thus a large percentage of mail our departmental server receives is from on-campus

Re: Can someone post some real-world examples of whitelist_auth, whitelist_spf, and whitelist_dkim?

2017-03-23 Thread David B Funk
On Thu, 23 Mar 2017, fitz wrote: I am attempting to tighten up my whitelists, replacing whitelist_from with whitelist_auth, whitelist_spf, and/or whitelist_dkim. And having trouble. The simplistic example of whitelist_auth b...@example.com example.net does not really cut it. For example, I h

Re: MISSING_MIMEOLE and X-MimeOLE

2017-05-01 Thread David B Funk
On Mon, 1 May 2017, Alex wrote: Hi, On Mon, May 1, 2017 at 8:44 AM, David Jones wrote: From: Alex I've taken a more conservative, but also more time-consuming approach by creating rules that subtract a few points with the right combination. I was also hoping there was a more general appro

Re: Today's Google Docs phish

2017-05-03 Thread David B Funk
On Wed, 3 May 2017, Alex wrote: Hi, If you haven't heard, there was a huge Google Docs phishing attack today. Several hundred bypassed our filters in the hour or so before we were able to identify them. The To address is always "h...@mailinator.com" and the subject is always " has s

Re: US-CERT message FP

2017-05-08 Thread David B Funk
On Mon, 8 May 2017, John Hardin wrote: On Mon, 8 May 2017, Chris wrote: I get various posts from US-CERT none so far have been tagged as spam until today. The raw message with the SA tags is here - https://pastebin.com/f71A2FfW What it hit on was: pts rule name  description

Re: US-CERT message FP

2017-05-08 Thread David B Funk
On Mon, 8 May 2017, Chris wrote: whitelist_auth *@*.us-cert.gov us-cert.gov This should be: whitelist_auth *@*.us-cert.gov I don't know why I keep putting the second entry in my 'my-whitelist.cf' file. I must have read it or something a long, long time ago in order to be doing this.  Poss

block Bayes autolearn for specific messages

2017-05-10 Thread David B Funk
Is there any way to use Bayes autolearn in general but prevent it from learning specific messages? I have a specific source of messages (Office-365) which I would like to prevent from being autolearn (without scoring them as spam). I still want those messages to be SA scored using the normal

Re: block Bayes autolearn for specific messages

2017-05-10 Thread David B Funk
On Wed, 10 May 2017, John Hardin wrote: On Wed, 10 May 2017, David B Funk wrote: Is there any way to use Bayes autolearn in general but prevent it from learning specific messages? I have a specific source of messages (Office-365) which I would like to prevent from being autolearn (without

Re: Negative rule score not working as expected

2017-05-10 Thread David B Funk
On Thu, 11 May 2017, Benny Pedersen wrote: Anthony Hoppe skrev den 2017-05-11 00:55: I'm trying to implement a very simple rule that looks at the "Received" header(s) and if a string is found apply a negative score. The rule is as follows: header AH_KNOWBE4 Received =~ /phishtest\.knowbe4\.

Re: URIBL_BLOCKED on 2 Fedora 25 servers with working dnsmasq, w/ NetworkManager service

2017-05-19 Thread David B Funk
On Fri, 19 May 2017, John Hardin wrote: On Thu, 18 May 2017, Rob McEwen wrote: In many cases, they explain to me that their settings got auto-overwritten by their hoster - who just HAD to switch their resolv.conf file back to 8.8.8.8 cron. job. Wouldn't the SA config parameter "dns_server

Re: Somewhat OT: DMARC and this list

2017-05-19 Thread David B Funk
On Fri, 19 May 2017, Dianne Skoll wrote: Hi, Tons of list traffic keeps getting quarantined because of DMARC. For example, a recent message from David Jones : DMARC policy for domain ena.com suggests Rejection as DMARC_POLICY_REJECT, but quarantined due to rule settings $ host -t txt _dmarc.

Re: Somewhat OT: DMARC and this list

2017-05-19 Thread David B Funk
On Fri, 19 May 2017, RW wrote: On Fri, 19 May 2017 14:13:22 -0500 (CDT) David B Funk wrote: ne. My read on this is that "@ena.com" is living dangerously. They publish SPF records and DMARC records (with p=reject) but do NOT DKIM sign their mail. Most of them pass DKIM, a minor

Re: Somewhat OT: DMARC and this list

2017-05-19 Thread David B Funk
On Fri, 19 May 2017, David Jones wrote: From: David B Funk   On Fri, 19 May 2017, RW wrote: On Fri, 19 May 2017 14:13:22 -0500 (CDT) David B Funk wrote: ne. My read on this is that "@ena.com" is living dangerously. They publish SPF records and DMARC records (with p=reject)

Re: ramsonware URI list

2017-07-15 Thread David B Funk
On Sat, 15 Jul 2017, Antony Stone wrote: On Saturday 15 July 2017 at 11:19:54, mastered wrote: Hi Nicola, I'm not good at SHELL script language, but this might be fine: 1 - Save file into lista.txt 2 - transform lista.txt in spamassassin rules: cat lista.txt | sed s'/http:\/\///' | sed s'/\

Re: ramsonware URI list

2017-07-15 Thread David B Funk
On Sat, 15 Jul 2017, Antony Stone wrote: On Saturday 15 July 2017 at 11:19:54, mastered wrote: Hi Nicola, I'm not good at SHELL script language, but this might be fine: 1 - Save file into lista.txt 2 - transform lista.txt in spamassassin rules: cat lista.txt | sed s'/http:\/\///' | sed s'/\

Re: Spam with tons of lines with garbage characters, preceded by

2017-07-19 Thread David B Funk
On Thu, 20 Jul 2017, Andrzej A. Filip wrote: By default messages bigger than 500KB are not sent to spamd for processing/scanning => the tactics you describe frequently "turns off" spam filtering. IMHO SA should design procedures to deal with big messages. I personally use "scan headers only" a

Re: tflags

2017-08-03 Thread David B Funk
On Thu, 3 Aug 2017, Kris Deugau wrote: Ian Zimmerman wrote: On 2017-08-03 10:38, sha...@shanew.net wrote: The most common ones that I make use of are "multiple" and "maxhits" in order to allow a rule to be scored for each time it hits, but to stop counting after some threshold. I also use th

Re: Results of Individual Tests on spamd "CHECK"

2017-08-07 Thread David B Funk
On Mon, 7 Aug 2017, Jerry Malcolm wrote: I'm invoking spamd using: CHECK SPAMC/1.2\r\n I'm getting the expected response such as: Spam: False ; -1.8 / 4.0 I am trying to figure out how to get the TESTS= results of the individual tests returned as well. (e.g.tests=[AWL=-1.103, BAYES_00=-2

Re: Sender needs help with false positive

2017-08-07 Thread David B Funk
On Mon, 7 Aug 2017, Alex wrote: Hi, On Mon, Aug 7, 2017 at 6:56 PM, Jacek Osuchowski wrote: We use emails to allow users to reset their passwords to our website. We send very brief emails containing the reset password. Example between : Your password to access your account is: S]U3bC

Re: Sender needs help with false positive

2017-08-07 Thread David B Funk
On Mon, 7 Aug 2017, David Jones wrote: [snip..] This IP is listed on SORBS and Spamhaus ZEN which are going to cause problems with delivery to many receiving mail filters, not just SpamAssassin. http://multirbl.valli.org/lookup/68.192.71.191.html That's his PC which is the MSA. As it's the

RE: Sender needs help with false positive

2017-08-07 Thread David B Funk
On Mon, 7 Aug 2017, Jacek Osuchowski wrote: This is an email I sent to IsNotSpam.com. They list the whole thing when testing for spam. I am getting a lot of complains from our customers that our emails are not received. Our domain is not blacklisted anywhere so I suspect it is the spam filter

Re: TxRep can't use SQLBasedAddrList factory module

2017-08-15 Thread David B Funk
On Tue, 15 Aug 2017, Christopher Engelhard wrote: On 08/14/2017 05:24 PM, Kevin A. McGrail wrote: does mysql -u -p localhost spamdb work? Yes, that works. The user has INSERT, DELETE, UPDATE, SELECT privileges. Does it need CREATE? The table 'txrep' exists with columns username, email, ip, c

Re: In anyone else getting 325KB spams from cont...@cron-job.org?

2017-09-14 Thread David B Funk
On Thu, 14 Sep 2017, Dianne Skoll wrote: On Thu, 14 Sep 2017 11:27:27 -0700 "Loren Wilton" wrote: Other than being obvious spam, they seem to be set up as though they were legitimate commercial mailing list stuff, often containing things like contact-id and the like in the links. Is anyone

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-19 Thread David B Funk
On Tue, 19 Sep 2017, Chris wrote: On Wed, 2017-09-20 at 00:40 +0100, Martin Gregorie wrote: On Tue, 2017-09-19 at 16:44 -0500, Chris wrote: Thanks Martin, here's what I get, it appears to not be running. sudo systemctl stop dnsmasq [sudo] password for chris:  Failed to stop dnsmasq.service:

Re: OT - Hotmail/Outlook.com marking most of our email as Junk

2017-09-20 Thread David B Funk
On Wed, 20 Sep 2017, Rupert Gallagher wrote: > 10. The emails we send are operational and notices emails to customers -  who need them. They call on the phone and complain they haven't received  them - just to discover they were sent, but ended up in the junk.  Tell them to send you a copy of t

Re: Bank fraud phish

2017-10-24 Thread David B Funk
On Tue, 24 Oct 2017, Rupert Gallagher wrote: Easy one. The Message-ID is not well formed / RFC compliant. We reject such junk upfront.  Sent from ProtonMail Mobile On Tue, Oct 24, 2017 at 8:32 PM, Alex wrote: Hi all, I'm wondering if someone has some ideas to handle bank fraud phishi

Re: Bank fraud phish

2017-10-24 Thread David B Funk
On Tue, 24 Oct 2017, Pedro David Marco wrote: Out of curiosity... "account is deactivated due to inactive,"   is this correct in english? shouldn't it be "inactivity"? It isn't good English, but I've seen worse from official notices. Now the fact that it claims to be a US financial company

Re: Your header "To: undisclosed-recipients:;" is RFC 822 compliant

2017-10-27 Thread David B Funk
On Fri, 27 Oct 2017, A. Schulze wrote: On 27.10.2017 at 07:15, @lbutlr wrote: RFC 822 is obsolete, replaced by RFC 2822. ... which is obsoleted by RFC 5322 and updated some other RFCs see https://tools.ietf.org/html/rfc5322 And it still explicitly says that construct is legal: rfc5322:3.4

Re: Problem scanning mails with Spam Assassin on Postfix

2010-08-27 Thread David B Funk
On Fri, 27 Aug 2010, Cimoni Enwis Ogwujiakwu wrote: > Hello Micheal, > But I am the ISP here. I provide internet access for subscribers and I have   > redirected their smtp port 25 traffic through the smtp server, but the > response sent earlier when I want to connect as a test subscriber. which

Re: enabling SpamHaus DBL

2010-08-30 Thread David B Funk
On Tue, 31 Aug 2010, Mark Martinec wrote: > Lawrence, > > > This is a dedicated server in a facility in the US. The server is > > configured to use the resolvers 4.2.2.1 and 4.2.2.2 > > > > I wouldn't dream of relying on Google for anything :) > > Like I said, your resolver is tricking you. Either

Re: user_prefs questions/problem

2010-09-20 Thread David B Funk
On Mon, 20 Sep 2010, Chuck Campbell wrote: > > enabled). Is SA integrated in your mail system in a way that it "knows" > > Not sure where to enable this. Will dig more in the docs. > > > the user name of the recipient? (some integration methods do not make that > > info available to SA so the per

Re: Whitelist questions

2010-10-05 Thread David B Funk
On Tue, 5 Oct 2010, Joseph Brennan wrote: > > --On Tuesday, October 5, 2010 10:40 -0400 Alex > wrote: > > > I have an email that I'm trying to whitelist using whitelist_from_rcvd > > and it's not working as I expect. I've created an entry: > > [snip..] > > Notice also that the rule checks the hea

Re: Question about Max msg size

2010-10-06 Thread David B Funk
On Wed, 6 Oct 2010, durwood wrote: > I too am starting to see quite a bit of spam that's *just* over the 500k > threshold due to ~4K-sized image attached to the spam. It almost makes me > wonder if they are doing this just to get it over the standard SpamAssassin > threshold. > > It seems like the

Re: Question about a spam assassin rule

2010-11-19 Thread David B Funk
On Fri, 19 Nov 2010, Daniel McDonald wrote: > On 11/19/10 2:51 PM, "Bowie Bailey" wrote: > > > rawbody FR_3TAG_3TAG > > m'<[abcefghijklmnoqstuvwxz]{3}>'i > > > > It looks for an html tag containing exactly three characters followed by > > a closing tag which also contains exactly three character

Re: HELO_DYNAMIC false positives on a UK web host

2010-12-09 Thread David B Funk
On Thu, 9 Dec 2010, Karsten Bräckelmann wrote: > On Thu, 2010-12-09 at 14:43 -0800, John Hardin wrote: > > > It appears that a client can easily set up hosting using cPanel or > > > something without ever setting the rDNS or hostname to anything other > > > than the numeric default. > > > > Is the

Re: DNSBL for email addresses?

2010-12-14 Thread David B Funk
On Tue, 14 Dec 2010, Marc Perkel wrote: > Are there any DNSBLs out there based on email addresses? Since you can't > use an @ in a DNS lookup - how would you do DNSBL on email addresses? Is > there a standard? > Why do you say "Since you can't use an @ in a DNS lookup"?? Unless you're using obsol

Re: Training Bayes on outbound mail

2011-01-28 Thread David B Funk
On Fri, 28 Jan 2011, David F. Skoll wrote: > On Fri, 28 Jan 2011 18:10:08 + > Dominic Benson wrote: > > > Recently, in order to balance the ham/spam ratio given to sa-learn, I > > have started to pass mail submitted by authenticated users to > > sa-learn --ham. > > > I haven't seen any mentio

Re: alert: New event: ET EXPLOIT Possible SpamAssassin Milter Plugin Remote Arbitrary Command Injection Attempt

2011-02-10 Thread David B Funk
On Fri, 11 Feb 2011, Jason Haar wrote: > On 02/11/2011 09:37 AM, Mark Martinec wrote: > > Yes, the security hole is entirely within the milter, > > independent of the MTA. > > > That exploit is dated Mar 2010? Has this really not been fixed in about > a year??? > > "a year"??, try half-a-decade.
