>>>
> On 7/24/20 7:41 PM, Noel Butler wrote:
>
>> On 24/07/2020 23:26, Benny Pedersen wrote:
>>
Noel Butler skrev den 2020-07-24 14:57:
>>>
because it shits trolls like you off
>>>
>>>
> https://imgur.com/pHlUeZY?fbclid=IwAR2l8HBDnXST5-adnmyIbBAsq16sZeGNhfqHwBNM8I
> kQZsir2aUw-H919hk
>>
>>
SOHO system, on virtual machines. Fairly recent versions. Running openSUSE
Leap 15.1.
Due to some recent malware (obvious stuff) wanted to add AV scanning. I
gather "Amavis-new" is the hot ticket these days,
I deal with Sophos products and would like to use their linux product to do the
sc
So, beyond "experiences" any leads on generic "how to" guides that actually
work in
practice? I've found a few, rather than chase geese, I'm sure some here have
done
similar things, even if with other AV scanners.
> SOHO system, on virtual machines. Fairly recent versions. Running openSUSE
>>
> On 11/24/20 12:40 PM, Axb wrote:
>> Fuglu supports Sophos AV
>> See fuglu.org
>
> Sophos recently discontinued their support for SAVI on Linux. They now
> only support "Server Central Intercept X Advanced" which is an entirely
> different product.
>
> I would also be interested in newer/s
>
> On 11/24/20 12:40 PM, Axb wrote:
>> Fuglu supports Sophos AV
>> See fuglu.org
>
> Sophos recently discontinued their support for SAVI on Linux. They now
> only support "Server Central Intercept X Advanced" which is an entirely
> different product.
>
> I would also be interested in newer/su
> Am 23.11.20 um 17:37 schrieb Joe Acquisto-j4:
>> So, beyond "experiences" any leads on generic "how to" guides that actually
> work in
>> practice? I've found a few, rather than chase geese, I'm sure some here
> have done
>>
>> Am 23.11.20 um 17:37 schrieb Joe Acquisto-j4:
So, beyond "experiences" any leads on generic "how to" guides that actually
>> work in
>>> practice? I've found a few, rather than chase geese, I'm sure some here
>> have done
>&
>>>
> On Wed, 2 Dec 2020, Joe Acquisto-j4 wrote:
>
>> Hacking away, seem to have it working?, Using CLAMAVPlugin. At least mail
>> does not appear "broken".
>>
>> But EICAR is not detected. I "think" it is being scanned as I
>On Wed, 2 Dec 2020, Tom Hendrikx wrote:
>
>>
>>
>> On 02-12-2020 16:18, Joe Acquisto-j4 wrote:
X-Spam-Virus: _CLAMAVRESULT
>>
>> I never integrated Clam using this plugin, but this seems a config typo to
>> be: there should be a Yes/No in there, an
> On Wed, 2 Dec 2020, Tom Hendrikx wrote:
>
>>
>>
>> On 02-12-2020 16:18, Joe Acquisto-j4 wrote:
X-Spam-Virus: _CLAMAVRESULT
>>
>> I never integrated Clam using this plugin, but this seems a config
typo to
>> be: there should be a Yes/No in there, an
Malware is not being detected in the test form
--
Return-path:
Received: from aux.a.com ([192.168.0.xx1])
by mail with ESMTP; Wed, 02 Dec 2020 19:30:16 -0500
Received: by aux.a.com (Postfix, from userid 1004)
id 1D0F729D74; Wed, 2 Dec 2020 19:30:16 -05
> On Wed, 02 Dec 2020 19:38:22 -0500
> Joe Acquisto-j4 wrote:
>
>> Malware is not being detected in the test form
>
> Just to be clear, do you have EICAR as an attached .com file?
I thought so, but it appears not. has a form
that has both "clean" a eicar.com at
> Am 03.12.20 um 03:00 schrieb Joe Acquisto-j4:
On Wed, 02 Dec 2020 19:38:22 -0500
>>> Joe Acquisto-j4 wrote:
>>>
>>>> Malware is not being detected in the test form
>>>
>>> Just to be clear, do you have EICAR as an attached .com file?
>>
> What, specifically, is the config you're using to invoke CLAMAVPlugin?
>
> You need to have at least two things set up in your spamassassin config
> files:
> 1) load the plugin in a "v*.pre"
> 2) invoke the check_clamav() procedure
>
> EG:
> in v320.pre
>
> # AntiVirus - some simple anti-viru
Some mail with attached suspect files are larger than can be processed.
Looking for a way to flag such "oversize" messages as suspect even if not
processed.
Is there a simple way? SpamAssassin version 3.4.2
Umm, err, . . . well . . .
Just what I robotically entered in postfix master.cf
smtp inet n - n - - smtpd -o
content_filter=spamassassin
Is that what you were after?
>>>
> What glue are you using to call SA?
>
> On Sat, Dec 26, 2020,
t; Second, I would guess sieve or procmail depending on your configuration can
> be used to add a header based on size.
>
> Regards. KAM
>
>
> On Sat, Dec 26, 2020, 18:47 Joe Acquisto-j4 wrote:
>
>> Umm, err, . . . well . . .
>>
>> Just what I
running version 3.42.
I added a rule in local.cf and restarted spamd. (systemctl restart
spamd.service) It hit. Changed the score on it and an existing rule and did a
restart and they it but neither score changed.
Ran lint (spamassassin -D --lint) and noticed numerous (20-30 ?)
"__E_LIKE
> On 2021-01-26 23:04, Joe Acquisto-j4 wrote:
>
>> Any suggestions?
>
> does it lint if local.cf is empty or non exists ?
Just renamed local.cf and get the same results. Now I am more confused. Too
late for more coffee.
>> On 2021-01-26 23:04, Joe Acquisto-j4 wrote:
>>
Any suggestions?
>>
>> does it lint if local.cf is empty or non exists ?
>
> Just renamed local.cf and get the same results. Now I am more confused. Too
> late for more coffee.
spamd was stopped at the time.
>On Tue, 26 Jan 2021 17:04:17 -0500
> Joe Acquisto-j4 wrote:
>
>
>> Ran lint (spamassassin -D --lint) and noticed numerous (20-30 ?)
>> "__E_LIKE_LETTER," in sequence, followed by
>>
> "__GATED_THROUGH_RCVD_REMOVER,__HAS_FROM,__HAS_MESSAGE_ID,
> On Tue, 26 Jan 2021, Joe Acquisto-j4 wrote:
>
>>>> On 2021-01-26 23:04, Joe Acquisto-j4 wrote:
>>>>
>> Any suggestions?
>>>>
>>>> does it lint if local.cf is empty or non exists ?
>>>
>>> Just renamed local.cf a
>> On Tue, 26 Jan 2021, Joe Acquisto-j4 wrote:
>>
>> On 2021-01-26 23:04, Joe Acquisto-j4 wrote:
>>>>>
>>> Any suggestions?
>>>>>
>>>>> does it lint if local.cf is empty or non exists ?
>>>>
>>>> Just
> On 26 Jan 2021, at 17:04, Joe Acquisto-j4 wrote:
>
>> running version 3.42.
>
> Presumably you meant 3.4.2...
>
> Unless that's a distro-patched variant, such as the ones RH and Debian
> produce, you should update to 3.4.4. There are significant secur
Using SpamAssassin 3.4.5 (2021-03-20)
Perhaps memory fails, but was there not, once, a standard rule that detected
non alpha characters in
sender name? The domain/provider is not of interest for this question.
Such as this item (not the actual sender name)
* 1.0 FREEMAIL_FROM Sender
Anyone have a regex example handy that can detect any number of digits before @
sign?
Not a regex maven at all. What searching I did on this topic just served to
kick the bee hive.
>> Perhaps memory fails, but was there not, once, a standard rule that
>> detected non alpha characters in
> se
Thanks for all the solutions and suggestions.
joe a.
> Anyone have a regex example handy that can detect any number of digits before
> @ sign?
> Not a regex maven at all. What searching I did on this topic just served to
> kick the bee hive.
>
>
Perhaps memory fails, but was there not, on
SpamAssassin 3.4.5 (2021-03-20) on Suse Leap 15.2 (their distro IIRC)
Noticed that mail marked as SPAM was scanned again by SA after it had been
"disposed" as an attachment.
I uncommented "report_safe 0" and did a restart of SA. Next SPAM came through
as a normal email, still marked as SPAM a
But, no . . .
In the words of Lt. Commander Data, I was "chasing an untamed ornithoid
without cause".
Perhaps sheepishly yours . . . .
joe a.
> On Monday 12 July 2021 at 20:07:16, Joe Acquisto-j4 wrote:
>
>> SpamAssassin 3.4.5 (2021-03-20) on Suse Leap 15.2 (their distr
Where can I get some idea of what the rule below actually checks for? I
noticed some normally passed email was flagged as SPAM.
Started seeing it sometime after making some configuration changes to local
settings on postfix, attempting to isolate a "bug". But before reverting them
all, or
>
> Am 20.01.22 um 15:47 schrieb Joe Acquisto-j4:
>> Where can I get some idea of what the rule below actually checks for? I
> noticed some normally passed email was flagged as SPAM.
>>
>> Started seeing it sometime after making some configuration changes to l
> I followed my own advice about egrep -R and found this immediately
>
> it's in
>
> 3.004006/updates_spamassassin_org/72_active.cf
>
> and it is
>
> ##{ FSL_HELO_NON_FQDN_1
> header FSL_HELO_NON_FQDN_1 X-Spam-Relays-External =~ /^[^\]]+
> helo=[a-zA-Z0-9-_]+ /i
> ##} FSL_HELO_NON_FQDN_1
>>>
> On 2022-01-20 15:47, Joe Acquisto-j4 wrote:
>
>> X-Spam-Checker-Version: SpamAssassin 3.4.5 (2021-03-20)
>
> old version
>
>> * 1.8 FSL_HELO_NON_FQDN_1 No description available
>
> have you configured internal_networks, trusted_networks ?
Yes
>>>>
>> On 2022-01-20 15:47, Joe Acquisto-j4 wrote:
>>
X-Spam-Checker-Version: SpamAssassin 3.4.5 (2021-03-20)
>>
>> old version
>>
>>> * 1.8 FSL_HELO_NON_FQDN_1 No description available
>>
>> have you configured internal_netw
> On 2022-01-20 at 16:21:40 UTC-0500 (Thu, 20 Jan 2022 16:21:40 -0500)
> Joe Acquisto-j4
> is rumored to have said:
>
. . . . .
> To figure out what matched, you'll need to check a message with the
> "rules" debug channel on:
>
> spamassassin -t
I'm missing something.
Find a fair amount of missed SPAM showing, among others:
* 0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60%
* [score: 0.4968]
Bayes is way too low, in my HO. I am puzzled by the line after it.
I set local.cf with: score BAYES_50_BODY 3.
>>> On 4/18/2013 at 6:15 AM, Axb wrote:
> On 04/18/2013 12:11 PM, Joe Acquisto-j4 wrote:
>> I'm missing something.
>>
>> Find a fair amount of missed SPAM showing, among others:
>>
>> * 0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60% *
>&
>>> On 4/18/2013 at 6:38 AM, Axb wrote:
> On 04/18/2013 12:23 PM, Joe Acquisto-j4 wrote:
>>>>> On 4/18/2013 at 6:15 AM, Axb wrote:
>>> On 04/18/2013 12:11 PM, Joe Acquisto-j4 wrote:
>>>> I'm missing something.
>>>>
>>>&
>>> On 4/18/2013 at 7:21 AM, Matus UHLAR - fantomas wrote:
> On 18.04.13 06:45, Joe Acquisto-j4 wrote:
>>I was concerned about this:
>>
>> [score: 0.4968]
>
> This meant that BAYES has computer 49.56% probability that the mail is spam
> and the rest (50
>>> On 4/19/2013 at 12:06 AM, John Hardin wrote:
> On Thu, 18 Apr 2013, Joe Acquisto-j4 wrote:
>
>>>>> On 4/18/2013 at 7:21 AM, Matus UHLAR - fantomas wrote:
>>> On 18.04.13 06:45, Joe Acquisto-j4 wrote:
>>>> I was concerned about this:
>
>>> On 4/19/2013 at 6:29 AM, Matus UHLAR - fantomas wrote:
>>>>> On 4/18/2013 at 7:21 AM, Matus UHLAR - fantomas wrote:
>>> Train your bayes database, if you get many spams with this small score.
>
> On 18.04.13 21:45, Joe Acquisto-j4 wrote:
>>A
;>> Do you really want to assign 3 points for "I don't know"?
>
> On 19.04.13 06:09, Joe Acquisto-j4 wrote:
>>In this case, from the samples I've seen. Absolutely, yes.
>
> as I said, the problem is that your BAYES database does not have enough of
>
That's all *I* seem to get. Other users may differ, but I have them
instructions on how
to forward stuff for training.
This is a rather small system compared to what many of you deal with.
joe a.
>>> Niamh Holding 04/19/13 7:11 AM >>>
Hello Joe,
Friday, April 19, 2013, 12:02:32 PM, you wro
>>> On 4/19/2013 at 10:41 AM, John Hardin wrote:
> On Fri, 19 Apr 2013, Joe Acquisto-j4 wrote:
>
>>> What output does the command "sa-learn --dump magic" produce?
>>
>> 0.000 0 1872 0 non-token data: nspam
>> 0.000
I thought I had corrected this issue, with someone's assistance, a while ago:
Apr 19 20:21:02.477 [23670] dbg: bayes: expiry completed
Apr 19 20:21:02.477 [23670] info: archive-iterator: skipping large message
Learned tokens from 0 message(s) (0 message(s) examined)
>>> On 4/19/2013 at 8:26 PM, "Joe Acquisto-j4" wrote:
> I thought I had corrected this issue, with someone's assistance, a while ago:
>
> Apr 19 20:21:02.477 [23670] dbg: bayes: expiry completed
> Apr 19 20:21:02.477 [23670] info: archive-iterator: skipping l
>>> On 4/19/2013 at 8:33 PM, "Joe Acquisto-j4" wrote:
>>>> On 4/19/2013 at 8:26 PM, "Joe Acquisto-j4" wrote:
>> I thought I had corrected this issue, with someone's assistance, a while
> ago:
>>
>> Apr 19 20:21:02.477 [2367
. . .
>Ok, I am officially puzzled.
>
>I setup email addresses on my SA box, to which I and others (they say)
> send ham/spam. Then I have cron tasks that feed those emails twice daily to
> bayes. And emails the output to my admin mailbox.
>
>I can review those admin mes
>>> On 4/20/2013 at 2:00 PM, John Hardin wrote:
> On Sat, 20 Apr 2013, Joe Acquisto-j4 wrote:
>
>> In order to send the samples, the user will forward the messages, as an
>> attachment. Each is an individual message to either ham or spam, with
>> the (hopefu
>
> --
> John Hardin KA7OHZhttp://www.impsec.org/~jhardin/
> jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org
Thanks. This has cleared most of my fog.
I had chosen to forward as it seemed simpler at the time, given the SA
learning curve. Still on
>>> On 4/21/2013 at 7:56 AM, "Joe Acquisto-j4" wrote:
>>
>> --
>> John Hardin KA7OHZhttp://www.impsec.org/~jhardin/
>> jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org
>
> Thanks. This has cleare
To feed "ham" to bayes, should one only user mis-flagged mail, or may one use
unflagged (below 5) mail?
Expressed differently, can one feed "good" messages, "sa-learn --ham
path-to-ham " as one might feed missed spam, "sa-learn --spam path-to-spam"
joe a
>>> On 4/26/2013 at 7:50 PM, John Hardin wrote:
> On Fri, 26 Apr 2013, Joe Acquisto-j4 wrote:
>
>> To feed "ham" to bayes, should one only user mis-flagged mail, or may
>> one use unflagged (below 5) mail?
>>
>> Expressed differently, can one
. . .
> Do train those, which have a Bayesian probability close(r) to 0.5. Or
> even worse, have a Bayesian probability contrary to the overall score,
> or actual classification.
>
> Training the plethora of spam hitting BAYES_99 might not be a mistake.
> But it is pretty likely, to *not* improve
>>> On 4/27/2013 at 1:20 PM, John Hardin wrote:
> On Fri, 26 Apr 2013, Joe Acquisto-j4 wrote:
>
>> So, I could just feed a bunch of good mail, to --ham, and spam that is
> correctly marked
>> as spam as well as missed spam, to --spam?
>
> Correct; the import
>>> On 4/27/2013 at 11:17 AM, Benny Pedersen wrote:
> Joe Acquisto-j4 skrev den 2013-04-27 13:37:
>
>> Very interesting. However, I don't see any BAYES_xx markings in the
>> headers at all.
>
> how is you bayes setup ?
>
> what gives "sa-lear
And how, exactly, is a sender to determine someone read an email one has sent?
Seems to me, the best one can do is be satisfied with no DSN.
joe a.
.
Chiming in here, the 'abstract' of the same RFC clearly states:
This specification enumerates and describes Internet mail addresses
(m
>>> On 5/7/2013 at 2:01 AM, Benny Pedersen wrote:
> Joe Acquisto-j4 skrev den 2013-05-06 22:16:
>> And how, exactly, is a sender to determine someone read an email one
>> has sent?
>
> there was something last year that was called rfc-ignorant.org :)
>
> i
Whatever that means.
I think that if someone has cause offense they should be allowed to
know what it was, in unambiguous terms.
joe a.
>>> Benny Pedersen 05/07/13 6:08 AM >>>
respect my signature atleast
--
senders that put my email into body content will deliver it to my own
trashcan, so
>>>> John Hardin 05/07/13 10:43 AM >>>
>On Tue, 7 May 2013, Joe Acquisto-j4 wrote:
>
>> Whatever that means.
>
>"plonk" is the notional sound that the offensive user's email address
>makes when it hits the bottom of the Usenet killfile of
>>>> Jim Popovitch 05/07/13 12:13 PM >>>
>On Tue, May 7, 2013 at 12:06 PM, Joe Acquisto-j4 wrote:
>>
>> What I did not get was why my attempts to clarify whatever offense
>> was taken were met by reject messages.
>
>Quite simply put, Benny Pede
>>> On 6/2/2013 at 12:30 PM, Wolfgang Zeikat wrote:
> In an older episode, on 2013-06-02 16:16, David F. Skoll wrote:
>
>> 3) Envelope sender is in the nacha.org domain
>
> 2 days ago, we received hundreds of mails with that envelope sender
> domain containing malware like
> Case_05312013_28192
>>> On 6/3/2013 at 6:08 AM, Axb wrote:
> On 06/03/2013 12:04 PM, Joe Acquisto-j4 wrote:
>>>>> On 6/2/2013 at 12:30 PM, Wolfgang Zeikat wrote:
>>> In an older episode, on 2013-06-02 16:16, David F. Skoll wrote:
>>>
>>>> 3) Envelope sender i
After making a change a weight, noticed it did not "take" after a restart.
Ran lint and found the snippet provided below. I'm confused as I see some of
these in the header of some email:
Aug 16 16:03:11.268 [15719] dbg: config: warning: score set for non-existent
rule RCVD_IN_MSPIKE_H4
Aug 16
So, I have this in my /etc/mail/spamassassin/local.cf:
score RP_MATCHES_RCVD 0
Yet, even after restart of spamd, mail comes thru with a -2.8.
What should I look at?
I know other stuff is read as I changed trusted and local network IP's and had
a typo in one. lint called me out on it.
joe a
>>> On 8/19/2013 at 6:54 PM, John Hardin wrote:
> On Mon, 19 Aug 2013, Joe Acquisto-j4 wrote:
>
>> So, I have this in my /etc/mail/spamassassin/local.cf:
>>
>> score RP_MATCHES_RCVD 0
>>
>> Yet, even after restart of spamd, mail comes thr
>>> On 8/20/2013 at 5:00 AM, Matus UHLAR - fantomas wrote:
> On 19.08.13 18:23, Joe Acquisto-j4 wrote:
>>So, I have this in my /etc/mail/spamassassin/local.cf:
>
> is that the same as /etc/spamassassin/local.cf?
Don't have one of those.
/etc/mail/spamassassin
>>> What "spamassassin --lint" produce?
>>
>>Quite a lot. You want me to post the entire output?
>
> here it produces nothing. Maybe there's really syntax error in your
> configuration files?
> --
Oh, sorry, it produces nothing here as well. I was thinking (not!) of
spamassassin -D --lint
>
> Bear in mind, that will tell you whether those configuration files are
> syntactically correct; that does not tell you anything about whether or
> not those are the files the spamd daemon is using.
>
> Take a look at the script that starts spamd. It may have a hardcoded path
> to the conf
I find a few of those 3 link (sudden craving for an IHOP breakfast spams, that
contain mass quantities of non printable text in the body. This causes spamc
to skip them.
Cannot find where to change the message size, tho I must have, as it tells me
the limit is 512000 where I understand the de
. . .
>> I find a lot of references, for example, to BAYES_99 in
>> /usr/share/spamassassin/blah.cf. I certainly don't know if these would
>> override the setting in /etc/mail/spamassassin/local.cf.
>
> Local settings should override standard settings, so no.
OK. That's what I thought. How
>>> On 8/23/2013 at 3:42 AM, James Griffin wrote:
> !-- On Wed 21.Aug'13 at 14:51:56 BST, Matus UHLAR - fantomas
> (uh...@fantomas.sk), wrote:
>
>> On 21.08.13 09:47, Joe Acquisto-j4 wrote:
>> >I find a few of those 3 link (sudden craving for an IHOP
>>> On 8/23/2013 at 6:43 AM, "Joe Acquisto-j4" wrote:
>>>> On 8/23/2013 at 3:42 AM, James Griffin wrote:
>> !-- On Wed 21.Aug'13 at 14:51:56 BST, Matus UHLAR - fantomas
>> (uh...@fantomas.sk), wrote:
>>
>>> On 21.08.13 09:47, J
>> joe a.
>
> Well, now that I increased the size, they did too. However, now it slips
> thru without a word as to why.
> mime below (large section of fill words snipped to meet pastebin limit):
>
> http://pastebin.com/7hSxDZmg
>
>
> Should it at least tell me it skipped due to size?
OK, s
ose I should
repost this with details of what I
have done so far, as even those of kind and gentle nature may not be inclined
to search it out.
But I won't clutter further, if there is no interest.
joe a.
>>> "Joe Acquisto-j4" 08/21/13 9:45 AM >>>
>
&
Thanks for the leads.
>>> On 9/6/2013 at 10:05 AM, Kris Deugau wrote:
> Joe Acquisto-j4 wrote:
>. . .
> I read back a bit in the thread; you've definitely got something
> strange going on.
>
> I don't see a couple of bits of information that mi
e of little value.
On 09/06/2013 03:20 PM, Joe Acquisto-j4 wrote:
> I'd like to revisit this, now that I have sufficient energy to devote to some
> hard sleuthing. Despite the
> fact that I was less than sharp (ahem) when first looking at this, I do feel
> I have covered all
I've been having various issues with changes to local.cf not "taking".
Seem to have resolved these, yet there is one more issue that troubles.
(mostly typos apparently, BTW)
So today, after getting changes to BAYES weights to "take", I found some SPAM
gets thru anyway as the
score come up shor
>>> On 9/14/2013 at 7:40 AM, RW wrote:
On Sat, 14 Sep 2013 07:24:31 -0400
Joe Acquisto-j4 wrote:
> I've been having various issues with changes to local.cf not "taking".
>
> Seem to have resolved these, yet there is one more issue that
> troubles. (mostly
>>> On 9/14/2013 at 11:24 AM, Matus UHLAR - fantomas wrote:
On 14.09.13 08:12, Joe Acquisto-j4 wrote:
>Yes the displayed scores are all rounded.
>Yet, just now, I got this:
>(which apparently did not round the same way ?? Just trying to understand)
>
>X-Spam-Level: **
&
>>> On 9/14/2013 at 10:47 AM, "Kevin A. McGrail" wrote:
On 9/14/2013 7:24 AM, Joe Acquisto-j4 wrote:
> I've been having various issues with changes to local.cf not "taking".
>
> Seem to have resolved these, yet there is one more issue that troubles
"David F. Skoll" 10/16/13 2:32 PM >>>
>. . . .as long as they don't mind
>paying extra and don't mind the NSA having access to their email. :)
>
>Regards,
>
>David.
Of course you mean "easier access" . . . ?
joe a.
OT, but hoping someone can cut thru the weeds for me.
A new setup, with the intent that this machine do nothing but readdress mail to
those in the virtual aliases list, and just pass the rest on, unchanged.
Works as intended, but received mail says it is "from" r...@mybox.tld.We
would li
Well, err, umm, please excuse the intrusion. Operator malfunction. (it helps
to actually have mail sent from off box . . . ahem)
>>> "Joe Acquisto-j4" 06/26/14 12:58 PM >>>
OT, but hoping someone can cut thru the weeds for me.
A new setup, with the intent that
>>> On 7/10/2014 at 3:35 PM, "David F. Skoll" wrote:
> On Thu, 10 Jul 2014 12:25:50 -0700
> Ted Mittelstaedt wrote:
>
>> Fundamentally I think the problem is with attachments.
>
> No, the problem is not with attachments. An attachment actually included
> in an email is no more dangerous than a
For some time have been fetching (POP-ing) mail from a provider.
Now have sprung for static IP and an allotted pipe size and was going to change
my MX to deliver directly to me.
Suddenly, I am struck with the question of what happens to my wonderful
stockpile of HAM'n'SPAM ("corpus" I think
>>> On 8/4/2014 at 5:03 PM, RW wrote:
> On Mon, 04 Aug 2014 15:22:03 -0400
> Joe Acquisto-j4 wrote:
>
>> For some time have been fetching (POP-ing) mail from a provider.
>>
>> Now have sprung for static IP and an allotted pipe size and was going
>>
Sorry to be OT.
I thought this would be simple, but I am getting muddled, at this time of day.
Have setup a postfix host to accept email from various (local) hosts and
forward. The initial idea was to simply create a list of people for whom to
forward email to another domain (translating the
Comments on the ZD net article that claims shellshock exploit via crafty SMTP
headers? Just asking, that's all . . .
I attached a link to it below, please excuse if that is improper behavior.
http://www.zdnet.com/shellshock-attacks-mail-servers-735094/
Just checking.
>>> On 1/17/2015 at 9:22 PM, cool hand luke
>>> wrote:
> On 01/17/2015 03:59 PM, Joe Acquisto-j4 wrote:
>> Just checking.
>>
>
> From http://www.list.org/mailman-member/node25.html:
>
> "7.6 I don't seem to be getting mail from t
Sorry if this seems newbie-ish, but . . .
I just got (a) phish purporting to be a major CC and had to scroll way down the
html stuff to find the phishy link.
Will this address that problem?
joe a.
>>> Axb 04/02/15 4:25 PM >>>
Gals (3?) & Guys
If you're being plagued by the new TLD spams AND
I am off site so cannot provide more details, but, basically, a smooth running
SA with a white listed email address, that has worked fine, ie, being let thru
without muss or fuss, decided to scan one email from that address, anyway.
And of course it got marked up and marked as possible SPAM.
I
>>> On 6/24/2015 at 5:23 PM, John Hardin wrote:
> On Wed, 24 Jun 2015, Joe Acquisto-j4 wrote:
>
>> I am off site so cannot provide more details, but, basically, a smooth
>> running SA with a white listed email address, that has worked fine, ie,
>> being let t
>>> On 6/24/2015 at 6:22 PM, "Kevin A. McGrail" wrote:
> On 6/24/2015 6:18 PM, Joe Acquisto-j4 wrote:
>> Oh, no. Poor wording on my part.
>>
>> The whitelisting is in main.cf. I just expected it would not be subjected
> to being marked as S
>>> On 6/24/2015 at 8:54 PM, Reindl Harald wrote:
> Am 25.06.2015 um 02:47 schrieb Joe Acquisto-j4:
>> Thanks. I don't feel comfortable doing pastebin with this particular email.
> Anyway, I found I left out underscore in whitelist_from.
>>
>> To c
>>> On 6/25/2015 at 7:15 PM, RW wrote:
> On Wed, 24 Jun 2015 20:47:07 -0400
> Joe Acquisto-j4 wrote:
>
>> Thanks. I don't feel comfortable doing pastebin with this particular
>> email. Anyway, I found I left out underscore in whitelist_from.
>>
&
Last few days, noticed getting two of some messages. Been busy at my day job
and brushed it off. But now it appears to be happening with some
(ir)regularity.
I can see from /var/log/mail that the repeat messages do have identical
message-id. The only difference that caught my bleary eye w
This may not be the right place to discuss this, as it is a generic anti SPAM
query, but please indulge and point me to where answers might be found. Or,
just answer if you feel inclined. After this mornings SPF discussion . . .
well, I'll ask anyway.
An organization I know of is moving to o
Dave Pooser 10/22/15 11:53 AM >>>
>(Oops, forgot to include the list first time. Need more caffeine)
Me too.
>>An organization I know of is moving to o365 from their own mail system.
>>For a variety of reasons, the migration cannot be completely resolved
>>"day one". Thus, we concocte
1 - 100 of 116 matches
Mail list logo
