On 11/11/2010 7:07 PM, Rob McEwen wrote:
On 11/11/2010 7:41 PM, Noel Butler wrote:
Really? I don't use SPF in SA, only MTA, if that's the case, it is a
shame that SA also is behind the times. It was years ago SPF type was
ratified. Justin: Any plans to change that?
I guess I'm one of those ma
On 12/1/2010 11:47 AM, Rob McEwen wrote:
On 12/1/2010 12:05 PM, David F. Skoll wrote:
Where did you hear that? I can't imagine that
IPv6 is any less (or any more) anonymous than IPv4.
One HUGE problem is that IPv6 will be a spammer's dream and a DNSBL's
nightmare. A spammers (and blackhat E
On 2/17/2011 6:52 PM, Warren Togami Jr. wrote:
On 2/17/2011 5:40 AM, RW wrote:
The suggestion is that it be scored higher for that reason.
Or just outright block all MTA connections from anything listed in
zen.spamhaus.org, which seems to be safe. Large sites I know have been
doing that for
yes. URIBL_RHS_DOB is somewhat useful. It's not _very_ reliable alone
though, so I use it with META rules that add points for combinations
with other things that are common with uri type spam.
It seems to hit much of the same things as fresh.spameatingmonkey.net
ymmv.
Ken
On 5/27/2011 3:17
On 1/11/2012 11:51 AM, Dave Funk wrote:
On Wed, 11 Jan 2012, --[ UxBoD ]-- wrote:
The type of SPAM we are seeing is where legit companies are having
their adverts cloned and the hyperlinks changed to spammy sites.
sanesecurity hits many of these.
uri filters can also assist.. surbl, uribl
Matt Kettler wrote:
At 02:04 PM 2/25/2005, Jerome Cartagena wrote:
The main reason I believe this is a performance issue is the strange
flat line that is demonstrated by the graph. Although it concerns me
that I get much more HAM than SPAM (I believe current industry
standards report 80+% spam
other thing that would get FPs is mail like this list that is sent
To: or cc: users@spamassassin.apache.org
Not sure how you work around that one. Probably would need to lower the
scoring a bit, since you'd have a lot of FPs on this one.
Ken A.
Pacific.Net
Brian R. Jones wrote:
So I wr
Jim Maul wrote:
Stream Service || Mark Scholten wrote:
For so far I know it isn't possible to have a TTL that is to low (if I
may believe the RFC files). It is also impossible to have to many
A-records. With both facts in mind I would suggest that you find an
other method off detecting SPAM.
Joe Pranevich wrote:
Hello,
I maintain a large webmail host (I bet you can figure out which one) for
free/paid accounts that sends out tens of thousands of emails a day. We're
not quite Yahoo Mail or Hotmail, but we're pretty big. We're looking to scan
outbound mail using SpamAssassin and I'm ho
Jason Bertoch wrote:
On Tuesday, September 11, 2007 7:07 PM Marc Perkel wrote:
The details are a little to complex for this forum ...
OK - had quite a few trolls here who seem to be hostile to my
breakthroughs so I wasn't that motivated to post information.
Is there any chance we can get a
Bob Proulx wrote:
Arthur Dent wrote:
One thing that does plague me however is a periodic rash of Non
Delivery Receipt messages (I've just had one now - about 10-15 or
so). These score anywhere between 1.2 and 11.1 but mainly around the
3.7 mark (below my spam threshold of 5.0). They all hit the
Matus UHLAR - fantomas wrote:
On 30.11.07 06:06, Ben Spencer wrote:
Some sendmail milters due look at that banner. And perform lookups on it.
One which comes to mind is milter-spiff (SPF checks). A misconfiguration
host with misleading banner information may also contain other
misconfiguration w
Michael Scheidell wrote:
Ok, google/gmail emails back says 'this didn't come from us because people
are forging our domain'.
Reverse dns shows it google, dkim sig says its google.
Time to blacklist google.
Either google lies or they have been hacked and hackers are spamming through
them. Eithe
If you throw MailScanner into the mix with SpamAssassin, you can do per
user prefs in combination with sendmail (not postfix) and splitting
messages with multiple recipients into single messages using sendmail's
queue group functionality. Alternately, you could do it in a pop3 proxy.
ail (not postfix) and
splitting messages with multiple recipients into single messages using
sendmail's queue group functionality. Alternately, you could do it in
a pop3 proxy.
Ken A.
Amavisd-new works well with Postfix. You can use static tables created
directly in the configuration file
through S.A. in order to apply per
user rules, so some of the overhead of splitting messages in the
incoming MTA (sendmail) is mitigated.
Ken A
Mark
Rick Wesson over at Alice's Registry has a dnsrbl listing recently
registered domains (see below). I thought this might be of interest to
SA users. Anyone used this, or other rbl with similar functions?
Scoring?
Accuracy?
Thanks,
Ken A
Pacific.Net
Original Message
Su
Jeff Chan wrote:
On Thursday, June 22, 2006, 10:35:10 AM, Ken A wrote:
Rick Wesson over at Alice's Registry has a dnsrbl listing recently
registered domains (see below). I thought this might be of interest to
SA users. Anyone used this, or other rbl with similar functions?
Sc
send mail to [EMAIL PROTECTED] is quite another. :-(
Microsoft has a couple lists at http://research.microsoft.com/URLTracer/
but not all of these are registered or known to be typosquatters.
Any others out there?
Thanks,
Ken A.
Pacific.Net
http://www.fsl.com/defender5.html
Ken
Pacific.Net
Burton Windle wrote:
Does anybody know of a vendor that sells boxes with SpamAssassin
pre-installed, with a pretty GUI with quarantine ability? (My company
won't allow home-brewed solutions, as they want a vendor to call if I
get hit by a spam
See
http://wiki.mailscanner.info/doku.php?id=documentation:configuration:mta:sendmail:how_to:split_mails_per_recipient
Ken A
Pacific.Net
Patrick Wolfe wrote:
I noticed today that an image spam email passed through my
sendmail/mimedefang/spamassassin config, because it was addressed to
multiple
Patrick Wolfe wrote:
Ken A wrote:
See
http://wiki.mailscanner.info/doku.php?id=documentation:configuration:mta:sendmail:how_to:split_mails_per_recipient
Ken A
Pacific.Net
I don't believe this will help, since mimedefang runs spamassassin
during the inbound SMTP session, befor
jdow wrote:
From: "jdow" <[EMAIL PROTECTED]>
postini.com is spewing an image spam that is getting through filters.
Worse yet they are using acm.org as a relay
More specifically the first one of these spams I received was from
a Brazillian address. The next two, of a set of three, were
Theo Van Dinter wrote:
On Mon, Jul 31, 2006 at 04:11:43PM -0700, Ken A wrote:
These image spams are not easy to stop. I'm finally getting them with a
'full' rule matching a string that is common in the base64 encoded image
part. I'm sure the image will change friday a
Jim Maul wrote:
John D. Hardin wrote:
On Tue, 1 Aug 2006, Ramprasad wrote:
How about sending "450 Please Try later" to ever mail with an
inline image and then somehow verify if it really comes back.
(Obviously not my original idea :-) )
The problem there, again, is that you've already us
Marc Perkel wrote:
I'm writing a paper that I'm submitting to an Internet Governance Forum
of the United Nations. Keeping in mind that free speech and freedom is
important, what would you change in the world to stop spam? I'm looking
for things that are actually possible and practical. Suggest
jdow wrote:
From: "Marc Perkel" <[EMAIL PROTECTED]>
Magnus Holmgren wrote:
On Wednesday 02 August 2006 21:29, Marc Perkel took the opportunity
to say:
The zombies wouldn't be able to connect because the zombies wouldn't
have the IMAP password.
In that case, neither the SMTP passwor
jdow wrote:
From: "Ken A" <[EMAIL PROTECTED]>
That's crazier than I thought you were. If you expect the average
user to go along with that you're not connected with reality very
well. Your idealism is getting in the way.
He's engaged in marc-eting ? sorry...
Chris Santerre wrote:
-Original Message-
From: Rob Poe [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 10, 2006 5:40 PM
To: Kenneth Porter; users@spamassassin.apache.org
Subject: Re: Word Doc spam
I got one of these too...
Kenneth Porter <[EMAIL PROTECTED]> 8/8/2006 8:07 AM >>>
-
il hub
bounces it back to the gateway and it tries to send it back to the
domain who's MX is localhost.fabulous.com. We use MailScanner, so
there's a ~3 sec delay between when the gateway accepts the mail and
when it's delivered to the mail hub.
Ken A.
Pacific.Net
Theo Van Dint
http://mailwatch.sourceforge.net/
Doesn't do per user SA rule scores since it works with MailScanner, and
MailScanner doesn't support that, but does do pretty much everything
else SA, clamav and MailScanner do, including logging to mysql,
quarantine & release, plus some pretty g
DAve wrote:
Ken A wrote:
http://mailwatch.sourceforge.net/
Doesn't do per user SA rule scores since it works with MailScanner,
and MailScanner doesn't support that, but does do pretty much
everything else SA, clamav and MailScanner do, including logging to
mysql, quarantine
ood
idea.. Any thoughts on this?
fullLOCAL_09152006_0_DAY/DirectAnimation.PathControl/i
describe LOCAL_09152006_0_DAY DirectAnimation.PathControl object code
score LOCAL_09152006_0_DAY10
Ken A.
Pacific.Net
Daniel T. Staal wrote:
On Fri, September 15, 2006 4:34 pm, John D. Hardin said:
On Fri, 15 Sep 2006, Ken A wrote:
Seems like testing for "DirectAnimation.PathControl" would be a good
idea.. Any thoughts on this?
fullLOCAL_09152006_0_DAY/DirectAnimation.PathControl/
It looks like you are listed in spamcop and apparently Comcast is either
using spamcop or they have their own list that is blocking you. You
really need to contact comcast about this, not the spamassassin list.
This list has nothing to do with your problem.
See:
http://spamcop.net/w3m?action=ch
Andreas Pettersson wrote:
Ken A wrote:
It looks like you are listed in spamcop and apparently Comcast is
either using spamcop or they have their own list that is blocking you.
Comcast themselves are using a spam filter?
(Let me taste that line one more time...)
Comcast themselves are
Anyone else seen this one?
http://postmaster.info.aol.com/errors/554hvuip.html
Seems rather harsh, but probably quite effective.
Ken A.
Pacific.Net
Adam Lanier wrote:
On Mon, 2006-10-02 at 12:36 -0700, Ken A wrote:
Anyone else seen this one?
http://postmaster.info.aol.com/errors/554hvuip.html
Seems rather harsh, but probably quite effective.
As reported on the SPAM-L mailing list, this was an error on AOL's part.
According t
. OSSEC HIDS, http://ossec.net/ or something
similar can block the IP using iptables or hosts.deny. It will
automatically un-block after a configurable time period. Useful for
web/smtp/ftp/etc.. attacks also.
Ken A.
Pacific.Net
Wolfgang Hamann
I can't speak for others, but our server p
These stock spams are usually dead easy to catch with spam assassin, but
there's no "quick response" rules database available to get a new rule.
It's a battle of hours, not days with these stock spams.
Any thoughts on how to best address this issue, other than every SA
admin on the planet writin
e going to send before they send it..
That doesn't sound like an open source project. ;-)
Thanks,
Ken A.
Thanks,
Chris Santerre
SysAdmin and Spamfighter
www.rulesemporium.com
www.uribl.com
Neil Schwartzman wrote:
On 24/04/09 11:44 PM, it was written:
Most people do not fall for it, but the dumbest ones do fall for it.
This is not a question of intellect, it is a question of the verisimilitude
of the messaging.
both might probably more true than false. In fact I could think of
Raymond Dijkxhoorn wrote:
Hi!
I wanted to ask if others were seeing timeouts with the DOB lookups
within spamassassin. Also, it looks like their website
http://www.support-intelligence.com/dob/ is timing out as well.
Are others seeing this as well? I'm assuming most are zero'ing out the
rul
Neil Schwartzman wrote:
-
Thank you for contacting Barracuda Networks regarding your issue. ...
There are a number of reasons your IP address may have been listed as
"poor", including:
...
8. In some rare cases, your recipients'
I've had no trouble with Botnet timeouts, but just now patched anyway,
to avoid any potential trouble. I, and many others appreciate how
responsive you've been with your sanesecurity work, but not everyone has
the same resources.
Whenever I install GNU free software, I have to remember this. If
Jason Holbrook wrote:
I am undergoing a massive directory harvest attack. Is there a good set
of rules that will help stop this or a place anyone could point me.
Assuming you are doing obvious things, like not accepting mail for
non-existent users, and using whatever tweaks are available in yo
Marc Perkel wrote:
I've also created a DNS based list of domains that provide consumer
dynamic IP address space. I'm using this list internally but thought I'd
make it public in case others can use it.
Trying to inspire innovation.
Example:
dig comcast.com.isphosts.junkemailfilter.com
This
John Hardin wrote:
On Thu, 29 May 2008, Ken A wrote:
http://www.rhyolite.com/anti-spam/you-might-be.html
So how is a proponent of the "Hunt down and kill spammers very messily"
FUSSP classified?
I'm suggesting that some homework should be done before creating a list
of t
pire innovation.
Example:
dig comcast.com.isphosts.junkemailfilter.com
This list was created by grabbing the registry barrier part of the
domain name of IPs from other DNS lists that list the IPs as dynamic.
Ken A wrote:
NJABL & PBL already provide this, AND they are already pa
Graham Murray wrote:
ram <[EMAIL PROTECTED]> writes:
That is not practical.
Atleast in India, Banks use third party servers to send their mailers
often. And the ips have PTR's & HELO's which dont match the banks',
because these dont belong to the bank
Which practice does nothing at all to com
What is this the junkemailfilter announce list?
Give it a rest.
Ken
Marc Perkel wrote:
Actually - I just need your spam attempts. I have a way to detect
spambots on the first try and add them to my blacklist at
hostkarma.junkemailfilter.com
Sp - if you want to participate and lose a chunk
# host contagiousensemble.com.black.uribl.com
contagiousensemble.com.black.uribl.com has address 127.0.0.2
uribl.com + milter-link = rejected spam
Ken
Mailing Lists wrote:
Here's today's first WagonJumper's email ... the domain has a registry date back in
October 2007.
One of the bottom img
Marc Perkel wrote:
Yet Another Ninja wrote:
On 7/2/2008 6:05 PM, Marc Perkel wrote:
Is there an easy way to detect the registrar of a domain through DNS?
For example - can I easilly figure out if an email I'm processing is
hosted by GoDaddy or Tucows?
Here's what I'm thinking. I think ther
Can be a probe too. Accepting mail from that IP with that content says
something about your system. Spammers aren't stupid. They fingerprint us
just like we fingerprint them.
Ken
Pacific.Net
Karsten Bräckelmann wrote:
Please do NOT *reply* to a mail, if you start a new thread. Changing the
Su
Arvid Ephraim Picciani wrote:
On Wednesday 30 July 2008 00:55:50 mouss wrote:
Ken A wrote:
Can be a probe too. Accepting mail from that IP with that content says
something about your system. Spammers aren't stupid. They fingerprint us
just like we fingerprint them.
If I was a spammer, I
ram wrote:
On Wed, 2008-07-30 at 09:21 -0500, Ken A wrote:
Arvid Ephraim Picciani wrote:
On Wednesday 30 July 2008 00:55:50 mouss wrote:
Ken A wrote:
Can be a probe too. Accepting mail from that IP with that content says
something about your system. Spammers aren't stupid. They finger
Ralf Hildebrandt wrote:
* Robert Schetterer <[EMAIL PROTECTED]>:
Project Tarbaby helps you reduce spam and helps us build our blacklist.
This is done by adding a fake MX record to your existing MX lists
thats could be seen as a security risk
cause in rare cases you may recieve legal mails
i.
Ralf Hildebrandt wrote:
* Ken A <[EMAIL PROTECTED]>:
How? He tempfails all mails.
Are you asking how sending your customer, or company email off someplace
you don't control might be a security risk?
It's in no way more dangerous than using Postini...
Have you compared Po
Marc Perkel wrote:
Ken A wrote:
Ralf Hildebrandt wrote:
* Robert Schetterer <[EMAIL PROTECTED]>:
Project Tarbaby helps you reduce spam and helps us build our
blacklist. This is done by adding a fake MX record to your existing
MX lists
thats could be seen as a security risk
ca
DAve wrote:
Jeff Chan wrote:
[Pardon the spam; thought this new blacklist might be worth at
least trying.]
Apparently Barracuda will be publishing a free-to-use sender
blacklist called BRBL:
http://www.barracudacentral.org/rbl
Haven't tried it myself but thought it may be of interest.
We
Rose, Bobby wrote:
I had the same issue and found that the system that's relaying
(216.129.105.40) those confirmation emails doesn't have a PTR record.
You'd think someone selling a antispam/email appliance would be familiar
with the RFCs.
-Original Message-
From: Justin Piszcz [mailto:[
Marc Perkel wrote:
I don't know how this will work but I'm building the data now. For those
of you who are familiar with Day old bread lists to detect new domains,
as you know there's a lag time in the data and they often don't have
data from all the registries. So - here's a different solution
Marc Perkel wrote:
Ken A wrote:
Marc Perkel wrote:
I don't know how this will work but I'm building the data now. For
those of you who are familiar with Day old bread lists to detect new
domains, as you know there's a lag time in the data and they often
don't ha
Marc Perkel wrote:
Blaine Fleming wrote:
John Hardin wrote:
Why is it so flippin' difficult to get a feed of newly-registered
domain names?
Because the TLDs hate giving people access to the data and certainly
won't provide a feed without a bunch of cash involved. Even worse,
all the ccTL
Randy wrote:
Martin Gregorie wrote:
Why would a botnet waste resources by sending tens of thousands of
spam to a single e-mail address?
Is it really a spambot or could it be a DDOS attack?
Martin
It is both but not actually. :)
It appears to be a spambot ( botnet ) , and it rea
abled by Bcc, so if
you have privacy considerations to worry about, you might think twice.
envelope data is available to milters, so SA running via a milter could
take this into consideration without including it in the header. Not
sure if it does, but other milters certainly do.
Ken A.
Pacific.Net
it's not hitting any
ham, then you might be okay raising the score a bit. Note this isn't a
scientific, nor thourough check, so ymmv..
Ken A
Pacific.Net
Suhas (QualiSpace) wrote:
Hi friends,
I just wanted to know whether increasing the score will lead to false
positives or not. As
he milter will be unstable (see the explanation in the SPF section).
-- snip --
Ken A
Pacific.Net
Thanks.
Anyone seeing issues with rbl checks going to
sa-trusted.bondedsender.org & sa-other.bondedsender.org ?
Seeing some timeouts here this am.
Any known issues?
Ken A.
Pacific.Net
at FPs you
can live with, not the method you use. You will have some FPs with any
system that is designed to stop spam if it's any good. Yes, that is a
contradiction, and that's the balance any sysadmin has to find.
Ken A
Pacific.Net
mike
to be sure you didn't
hit real short emails containing only numbers, like phone numbers,
passwords, etc..
The one below also FPs on the real outlook client.
The Date header seems to be a bit messed up.(space,tab,date)
Might look at that too. ;-)
Ken A
Pacific.Net
Cheers,
-=Ray
Justin Maso
'spamassassin --lint' gives me some soft errors on some SARE rules (see
below) Are these known, 'ignore for now' sorts of things due to SA 2.x
and SA 3.x installs, or should I be doing something about this?
Is there any way to adjust --lint to not show these ?
Thank
make
about how this or that doesn't work (usually because you don't
understand it), and the overly broad "how are we gonna make a better
toaster?" questions really do increase the noise level quite a bit here.
Some people on this list have to pay per kb of bandwidth used.
Ken A.
Pacific.Net
Jim Maul wrote:
Ken A wrote:
Dhawal Doshy wrote:
Marc Perkel wrote:
Well - if you don't like me then why don't you write a filter rule
to delete message coming from me? I'm not going away so get used to
it. If my threads weren't so damn interesting it wouldn't g
check_rbl_sub('nerds','127.0.0.156')
describe RCVD_IN_NERDS_CN Received from China
tflags RCVD_IN_NERDS_CN net
score RCVD_IN_NERDS_CN 2.5
etc...
See http://countries.nerd.dk/ for more info.
Ken A
Pacific.Net
I’ve tried adding “.cn” and
Just add 10 to a test that matches everything, then subtract 10 for
being in the U.S.
Ken A.
Pacific.Net
Robert Swan wrote:
Let's say I wanted to score everything but the US. Do I have to write
rule for every country or is there an easier way?
Robert
header RCVD_IN_NERDSeval:chec
Giampaolo Tomassoni wrote:
From: Ken A [mailto:[EMAIL PROTECTED]
Just add 10 to a test that matches everything, then subtract 10 for
being in the U.S.
Yeah. And keep 10 for canada, mexico and south america...
You're beginning to speak alone, isn't it?
Well, the way I look at
the Bayesian Girl Dancers. *cue Darude - Sandstorm*
Ah, yes, that deep green Bayesian skin reminds me of home. "Captain, do
you really think we'll find a Spam Assassin here?". "Oh, yes Scotty, I'm
sure of it."
Ken A
Pacific.Net
Thanks,
Chris Santerre
SysAdmin and Spamfighter
www.rulesemporium.com
www.uribl.com
cribeLOCAL_STOCK_1_TTEN TTEN stock spam
score LOCAL_STOCK_1_TTEN 5.5
ymmv!
Ken A
Pacific.Net
also monitoring your IP space for any RBL
listings, setting up TOS feedback loops with AOL, etc... All part of the
hosting business these days..
Ken A
Pacific.Net
>
> Thanks for your time..
>
> _
> 메신저에서 문자를 바로 보내보세요 http://phonebuddy.msn.co.kr/
f examples to build from
http://cricket.sourceforge.net/contrib/
Ken A
Pacific.Net
Regards,
Scott
rules, you'll be able
to respond to this sort of thing much quicker.
The risk of an FP is somewhat greater though.. Especially if you happen
to have customers that get email from H&R Block, telling them how they
will "increase the size of their" ... tax refund.
Ken A
Pacific.Net
This extends to non url spam as well, of course.. ie: "replace the "R"
with a "P" for the stock symbol spam, etc.
We need to have a good rule(s) for all of the variations of the
'remove|replace|substitute' text.
Ken A.
Pacific.Net
--
John Hardin KA7OHZ
John D. Hardin wrote:
On Tue, 6 Feb 2007, Ken A wrote:
John D. Hardin wrote:
I think the most robust non-DNS test would be on the length of the TLD
in the obfuscated domain.
There are too many possible obfuscations using valid characters.
It doesn't matter what obfuscation character
Is there any way to ask spamassassin what the score of a particular rule
is? I have rules here and there, and would like to be able to easily
look up the score of a rule without grepping all over the place.
Ideas?
Thanks,
Ken
Bowie Bailey wrote:
Kris Deugau wrote:
Ken A wrote:
Is there any way to ask spamassassin what the score of a particular
rule is? I have rules here and there, and would like to be able to
easily look up the score of a rule without grepping all over the
place.
Pass a mail that you know triggers
Body. I assume it's a spam trojan
run amok?
Currently, I just added a META rule to deal with them appropriately.
Anyone else seeing these?
Ken A
Pacific.Net
Bowie Bailey wrote:
Ken A wrote:
EMPTY_MESSAGE 1.50, MISSING_HEADERS 0.19, MISSING_SUBJECT 1.34,
MSGID_FROM_MTA_HEADER 0.00, MSGID_FROM_MTA_ID 0.93, NO_REAL_NAME 0.55,
TO_CC_NONE 0.13, UNCLOSED_BRACKET 2.48
?
We are seeing many, many hundreds of these very small messages, with
NO Subject: or
Christian Reiter wrote:
Hi Patrick!
is there any WebGUI for training and managing Spamassassin
like DSPAM uses one?
May Maia Mailguard could help you:
http://www.renaissoft.com/maia/
Or MailWatch if you use MailScanner/SA.
http://mailwatch.sourceforge.net/
Ken A
Kind Regards
"spamassassin time out" can be caused by slow dns lookups. I assume you
are using the rbls in S.A., and not MailScanner? Are you running a local
caching nameserver?
What do `vmstat` and `free` say? Any swap in use? If yes, get more ram.
1gb ram would be a good place to start for a MailScanner/
Jim Knuth wrote:
Heute (05.04.2007/02:34 Uhr) schrieb Luis Hernán Otegui,
Well, if you have Postfix and Amavis, I've tried amavis-stats (a little bit
old now, and frankly, never worked correctly on my Debian-based servers).
I'm currently using Mailgraph, from the Debian package. Works like a
According to:
http://svn.apache.org/repos/asf/spamassassin/tags/spamassassin_release_3_2_0/Changes
- separate a signature verification from fetching a policy, which makes it
possible to avoid one DNS lookups (by not fetching a policy) for each
unverified message by setting score to 0 for al
Does anyone know what is injecting this "3793/xpopup.js" and
"_popupControl()" all over the place. There's usually a http://127.0.0
.1 in front of the port :3793
I'm seeing it in webpages and email (not mine! google for it and you'll
see what a mess it's making).
I've searched and all I see
Ernie Dunbar wrote:
We just put our mailserver (with SpamAssassin of course) behind a firewall,
and now we get many many interesting error messages from spamd telling me
that there's no route to some host or other. I tweaked the DnsResolver.pm
module to show what host it was trying to route to, a
Jerry Durand wrote:
On Jun 1, 2007, at 6:48 AM, Luis Hernán Otegui wrote:
Search through the archives, there was a patch to add it to SA.
Also note, do NOT use Zen to evaluate headers or anything in the body.
Unless of course you need to. ;-)
http://wiki.apache.org/spamassassin/TrustedRel
Jerry Durand wrote:
At 08:47 AM 6/1/2007, Ken A wrote:
Jerry Durand wrote:
On Jun 1, 2007, at 6:48 AM, Luis Hernán Otegui wrote:
Search through the archives, there was a patch to add it to SA.
Also note, do NOT use Zen to evaluate headers or anything in the body.
Unless of course you need
Jerry Durand wrote:
On Jun 1, 2007, at 11:54 AM, Richard Frovarp wrote:
That's assuming you aren't using it intelligently. SA checks all
received headers via Zen to see if they are in the SBL. PBL and XBL
are only checked against last external header, via Zen.
Ah, nobody mentioned that S
Anyone else having trouble getting to uribl ?
www not coming up. I hope we aren't seeing another anti-spam casualty. :-(
--
Ken Anderson
Pacific.Net
From: Ken A [mailto:[EMAIL PROTECTED]
Sent: 06 June 2007 17:38
To: users@spamassassin.apache.org
Subject: www.uribl.com
Anyone else having trouble getting to uribl ?
www not coming up. I hope we aren't seeing another anti-spam casualty.
:-(
--
Ken Anderson
P
Raymond Dijkxhoorn wrote:
Hi!
Anyone else having trouble getting to uribl ?
www not coming up. I hope we aren't seeing another anti-spam casualty.
:-(
There are some botnets having fun with both URIBL and SURBL.
Bye,
Raymond.
Ah, yes www.surbl.org has gone missing too.
Forget national id
1 - 100 of 112 matches
Mail list logo