;re running reasonably up-2-date DNS stuff it does just work.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_adminIowa City, IA 52242-1527
#include
Better is not better, 'standard' is better. B{
into their Outlook & hit 'send'.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_adminIowa City, IA 52242-1527
#include
Better is n
ariables offered but it cannot 'see' any that are not offered.
So when in doubt give it more than it needs.
EG for your instance, set that confMILTER_MACROS_ENVRCPT to be:
define(`confMILTER_MACROS_ENVRCPT',`r, v, Z, b, _, {greylist}')dnl
--
Dave Funk
dering creating a
> grep-based filter, but that seems expensive. I am really hoping someone can
> point me in the right direction.
>
>
Hi Jason,
I use procmail to achieve just this, can you provide some log extracts
on where you are seeing "Security Reasons"?
Kind Regards,
Dave Walker
Bayes knowledge is - use "$ sa-leanrn
--dump magic"
HTH.
Kind Regards,
Dave Walker
greater than a score of 5, "Maybe" is a score
greater than 3 and "Teachspam" is where I move any missed spam and it
pushes back to SA as known spam to be taught.
The benefit of using procmail is that you can have additional rules for
placing mail. However some people swear by a MDA called Sieve.
However you do it, it doesn't really matter IMO - however, I quite like
that way.
Kind Regards,
Dave Walker
tion link just to make sure
the backscatterer gets the spam. I figure if he wants me to filter his spam
for free, he'll get every bit of his money's worth. ;-)
--
Dave Pooser
Cat-Herder-in-Chief, Pooserville.com
"If you think bringing a wet noodle to an Amish rake fight
makes you &#
chment spam. I've posted
two examples:
http://spam.daviey.com/rtfspam.txt
http://spam.daviey.com/rtfspam1.txt
Kind Regards,
Dave Walker
John Hardin wrote ... (6/11/2009 4:21 PM):
> On Thu, 11 Jun 2009, John Rudd wrote:
>
>> As I've said, I don't really have a plan to incorporate the patch
>> into the main dist.
>
> You probably should. It doesn't prevent you from pursuing your design
> changes, and it would fix the problem for thos
te 4 July
as Ungratefulness Day. I assume you gave the holiday a different name to
clarify for those of us on the wrong side of the pond?)
--
Dave Pooser
Cat-Herder-in-Chief, Pooserville.com
"...Life is not a journey to the grave with the intention of arriving
safely in one pretty and well-pres
HERE to post a message.
|
It has had mail-list support for over 10 years.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_adminIowa City, IA 52242
ist would be appreciated
>> :-)
>>
Perhaps:
http://www.mailbucket.org
The only criticism i have with the SA list is that the "Reply-To" header
isn't set, meaning most mail clients will reply directly to the person -
rather than the list. Perhaps I should add some procmail foo, but ho hum.
Kind Regards,
Dave Walker
er 99% of the mail received from CC at $ORKPLACE is
requested by my users. No complaints here.
--
Dave Pooser
Cat-Herder-in-Chief, Pooserville.com
"And the beer I had for breakfast
Wasn't bad, so I had one more for dessert."
OB. But as it is, it feels like paying the large Italian guy
who comes around and says "Nice mail server ya gots here-- be a shame if
something wuz to HAPPEN to it"
--
Dave Pooser
Cat-Herder-in-Chief, Pooserville.com
"...Life is not a journey to the grave with the intention of a
; faster and 100x more friendly for the tech directors to use than the $20k GVG
> package was.
Heh. And today at $DAYJOB we're using $2200 worth of Playback Pro software +
iMac because it's 4x faster and 100x more friendly than the $10k GV Turbo.
The more things change :-)
ght it be possible to share the code so
that some of us could auto-generate rules based on our own ham/spam
mailstreams, and then share those rules with you for possible SOUGHT
inclusion?
--
Dave Pooser
Cat-Herder-in-Chief, Pooserville.com
"...Life is not a journey to the grave with the inten
me
I'd "known" him he'd been living with a diagnosis of terminal cancer (they
gave him six months-- he held on four years); through chemo and all the
other sufferings he'd stayed energetically involved in fighting spam and
helping others learn to do so. Talk about sliding acr
l? The milter has access to all the desired
info (both from sendmail & spamd) and you can log what ever you desire.
By the time you get to procmail the message is already in the 'delivery'
phase and some of your desired info is no longer available.
--
Dave Funk
isn't at fault for its condition, but I'm not
gonna get close enough for it to bite me.
--
Dave Pooser
Cat-Herder-in-Chief, Pooserville.com
"...Life is not a journey to the grave with the intention of arriving
safely in one pretty and well-preserved piece, but to slide across the
fini
elist_auth is worth its weight in platinum
--
Dave Pooser
Cat-Herder-in-Chief, Pooserville.com
"...Life is not a journey to the grave with the intention of arriving
safely in one pretty and well-preserved piece, but to slide across the
finish line broadside, thoroughly used up, worn out, leaking
hasn't left Texas, let alone the US, in the past few years-- and used a
number of phrases that a native speaker of American so-called-English
wouldn't.
--
Dave Pooser
Cat-Herder-in-Chief, Pooserville.com
"...Life is not a journey to the grave with the intention of arriving
safely
tails. If you're interested in discussing it, or collaborating,
we'd like if it you would join the mailing list (see above URL) so that
we can try and keep the discussion all in one place.
Cheers,
Dave
--
Dave O'Neill Roaring Penguin Software Inc.
+1 (613) 231-6599
ses.
That's a very bad idea-- legitimate senders will sometimes mistype
addresses, and having their messages disappear into a black hole with no
notice to the sender is... suboptimal.
--
Dave Pooser
Cat-Herder-in-Chief, Pooserville.com
"...Life is not a journey to the grave with the in
O_ABUSED80.0
Messages from whitelisted users will start with a score of -20; messages
from other users will start with a score of 80.
--
Dave Pooser
Cat-Herder-in-Chief, Pooserville.com
"...Life is not a journey to the grave with the intention of arriving
safely in one pretty and well-pr
t the FUSS, not the ultimate hat-checker. Just a way that I can
make sure legitimate mails from $sender get through while forged messages
pretending to be from $sender don't. This ain't rocket surgery.
--
Dave Pooser
Cat-Herder-in-Chief
Pooserville.com
0.1
Untested. Warning could cause false positives. Some of those characters
-could- be used in legit addresses (EG X400 uses '/') but that's rare.
Test and adjust according to your mail environment.
--
Dave Funk University of Iowa
College of
er implementation for the protocol,
but given sufficient interest and support, that could happen.
Cheers,
Dave
--
Dave O'Neill Roaring Penguin Software Inc.
+1 (613) 231-6599http://www.roaringpenguin.com/
For CanIt technical support, please mail: supp...@roaringpenguin.com
first things first. The protocol is extensible to other event
types, but the only ones specified thus far are for IP address events.
Other types will come later.
Cheers,
Dave
--
Dave O'Neill Roaring Penguin Software Inc.
+1 (613) 231-6599http://www.roaringpengui
f unwanted messages.
Look at existing MTAs and "borrow" good ideas. ;)
FWIW, I'm prejudiced as I've only ever worked with sendmail & postfix.
Other people can chime in about other MTAs.
--
Dave Funk University of Iowa
College of Eng
Personally, I am tired of this entire thread. It has nothing to do with
SA, so PLEASE move it to the MailChannels discussion forums or lists.
Jo Rhett wrote:
I'm tired of wasting time with this pointless conversation. Just stop
making authoritative statements about products you haven't rese
w to read users' passwords, etc?
We require our PC users to authenticate when sending and I had assumed
that would stop viruses/trojans. Am I being naive?
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549
before, I
know what I think of them now. Well, I will share my response to them as
well. :-)
-Original Message-----
From: Dave Koontz
Sent: Wednesday, June 11, 2008 7:02 PM
To: 'Desmond Liao'
Subject: RE: Request for Interview
Boy, you are border line on SPAM by sending me this m
does CCing someone have to do with bouncing back
incorrect SPF failure messages?
I'm sorry, but you're a constant source of backscatter, Benny.
--
*Dave Koontz* (MCSE/GCIH)
Associate Director
Computer & Information Services
*Mary Baldwin College*
Email: [EMAIL PROTECTED]
Phon
lt, MIMEDefang uses the
SpamAssassin perl modules directly. Have you modified your MIMEDefang
filter to use spamd instead?
Cheers,
Dave
--
Dave O'Neill <[EMAIL PROTECTED]>Roaring Penguin Software Inc.
+1 (613) 231-6599http://www.roaringpenguin.com/
For CanIt
p; SpamHaus
usually fire too.
Bottom line, network tests seem to be the best defense.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_adminIowa City
Rejaine Monteiro wrote ... (8/1/2008 1:40 PM):
Hi all
How can I create a generic rule to block any e-mail with links to
dangerous files ?
Like http://.zip or http://***.exe or ***.doc.exe etc...
This is one I wrote to deal with a large influx of Storm Worm's that got
through once.
Justin Piszcz wrote ... (9/22/2008 10:14 AM):
> Hmm I signed up for this 1-2 days ago but never got a confirmation
> e-mail from them? What is the RBL name?
>
> Justin.
Same here. For those currently running this, how long did it take to
get confirmation email and setup?
~ Sparky ~
Rose, Bobby wrote ... (9/22/2008 10:24 AM):
> I had the same issue and found that the system that's relaying
> (216.129.105.40) those confirmation emails doesn't have a PTR record.
> You'd think someone selling a antispam/email appliance would be familiar
> with the RFCs.
>
That would explain wh
Let's see how they respond.
*From:* Dave Koontz
*Sent:* Monday, September 22, 2008 11:56 AM
*To:* [EMAIL PROTECTED]
*Subject:* RE: Thank you for contacting BarracudaCentral.org
I just signed up over the weekend for your new BRBL service.
nt to
check rDNS on, not the workstation that submitted the original message
somewhere in the bowels of an RFC1918 network.
--
Dave Pooser
Cat-Herder-in-Chief, Pooserville.com
"...Life is not a journey to the grave with the intention of arriving
safely in one pretty and well-preserved pi
Joseph Brennan wrote ... (9/23/2008 2:37 PM):
> No, they don't, really. They 'may' do that (see below). Try it.
>
> Effective immediately: AOL
> 220- may no longer accept connections from IP addresses which
> 220 have no reverse-DNS (PTR record) assigned.
According to AOL's Poli
:23 -0700
From: BCOrgInfo_Team
Hi Dave,
Thank you for contacting BarracudaCentral.org. We have resolved the
rDNS/PTR record issue.
Since you did not receive the initial confirmation email, you can
request a second email to be sent here:
http://www.barracudacentral.org/account/resend-vcode
Or
> Thanks.
> Sorry,but I'm new in spamassassin users.Can you say where I must write
> this rules?
> Thanks again.
Be very careful with that rule-- it would hit on all Russian-language email,
which considering your geographic location might be unwise.
--
Dave Pooser
Ca
Jeff Chan wrote ... (11/11/2008 7:33 PM):
> Hi Micah,
> Thanks very much for the feedback. Does anyone know how many
> non-profits have more than 1,000 users (i.e., users with
> mailboxes)? The non-profit pricing is below ISPs and half that
> of regular end users.
>
There are many non-profits
he "I told you so" effect when my rejected
submission joins their blacklist a couple of weeks later) -- but I think the
real win would come in creating a URI specifically for preemptively listing
these snowshoe domains. Anybody else think this could be useful?
--
Dave Pooser
Cat-Herde
message to
spamassassin in test mode:
spamassassin -t < testmessage.txt
Look at the output. Now open the testmessage in your favorite text
editor, change the final '.1' in that URL to '.2' and retest.
You should see a bunch of URI rule hits and the total score
> None of my friends are on
> services that are that poorly configured
No friends on Verizon? Their @#$% mail servers are 70% of my FPs.
--
Dave Pooser
Cat-Herder-in-Chief, Pooserville.com
"...Life is not a journey to the grave with the intention of arriving
safely in one pret
s-- or even accurately-flagged spam--
into that folder for learning. You can do the same thing with ham, too. I
have my server regularly learn as ham a couple of users' inboxes to make
sure Bayes has a good ham corpus to work with.
--
Dave Pooser
Cat-Herder-in-Chief, Pooserville.com
"...Life is
mple.com.
* MX 10 blackhole.example.com.
Yes, it -is- that simple. ;)
Not recommended for normal use but if you understand the risks involved,
it does work that way.
--
Dave Funk University of Iowa
College of Engineering
319/335-5751
On Sat, 14 Feb 2009, Marc Perkel wrote:
Dave Funk wrote:
On Sat, 14 Feb 2009, Marc Perkel wrote:
Marc Perkel wrote:
Hi,
I have a quick bind question. I want to set the MX records on a domain to
something normal but I want to set the MX for all subdomains to something
else
On Sat, 14 Feb 2009, Marc Perkel wrote:
Lindsay Haisley wrote:
On Sat, 2009-02-14 at 22:06 -0800, Marc Perkel wrote:
Dave Funk wrote:
Yes, it -is- that simple. ;)
Not recommended for normal use but if you understand the risks involved,
it does work that way.
Thanks Dave, but I
token data: last expire
reduction count
Thanks,
Dave
time
> >0.000 0 0 0 non-token data: last expire
> >atime delta
> >0.000 0 0 0 non-token data: last expire
> >reduction count
> >
> >
> >Thanks,
> >Dave
> >
>
> What does it say if you r
in-3.1.7-1.el4.rf
Why would it error out on files that came with it?
Dave
On Tue, 2006-11-28 at 09:38 -0700, Gary V wrote:
> >I NEVER get any bayes_?? in my headers
>
> >Here is the output as the amavis user:
> >
> >0.000 0 64741 0 non-
"/usr/sbin/amavisd -d bayes debug-sa" as user amavis and got not errors
about version mismatches.
I should see the results shortly.
Thanks for your help!
Dave
On Tue, 2006-11-28 at 14:39 -0500, Theo Van Dinter wrote:
> On Tue, Nov 28, 2006 at 01:35:02PM -0600, Dave Augustus wrot
Yes!!
Here is a sample header from an email my coworker received:
X-Spam-Status: No, score=2.419 tagged_above=0.5 required=5 tests=
[AWL=-1.082, BAYES_99=3.5, HTML_MESSAGE=0.001]
Notice the BAYES entry!
Thanks to everyone who helped me on this. I hope it helps others.
Dave
On Tue, 2006-11
at regard.
BTW- I think that this happened because a yum dependancy wasn't
available via yum so I used CPAN(site-perl) to meet the dependancy.
Later, yum got the dependancy and installed it into vendor-perl.
Hope it helps!
Dave Augustus
On Tue, 2006-11-28 at 19:27 -0800, Quinn Comendant
> I can't find a spamd.sh anywhere...
SA is not included by default until 10.4. If you installed it yourself, you
may need to create a StartupItem in /Library/StartupItems. Otherwise, check
the documentation from the installed package.
--
Dave Pooser
Cat-Herder-in-Chief, Pooserville.com
ayes_path /home/spamd/.spamassassin
I don't see anything here that prevents autolearn results from being
applied?
HELP please! Most appreciated!
Dave.
I use 4 in a load-balanced arrangement- They all share the same Mysql
db. It is on another server.
It works great and they all use the same bayes, awl and other mail
settings used by policyd.
Dave
On Sat, 2006-12-02 at 19:24 +, Nigel Frankcom wrote:
> On Sat, 02 Dec 2006 18:31:47 +0
I guess milage varies. Auto-Learn has been a life saver for us and has
drastically reduced false postives we used to get with emails to our
College's Health Care & Research departments. We pass all local user email
through SA as well, so this really helps the system learn what is 'good'
email.
John is absolutely correct here. Just be careful to ensure proper checking
of the 2nd octect of the 172.x.x.x space, and ensure that it is in the 16-31
range. Otherwise you will be bypassing a very large chunk of AOL.com
address space without checks.
-Original Message-
From: John D. Har
Personally, I think the AWL function is poorly named as it really does not
reflect what it is or does. I suspect this name leads to much confusion for
most new users and/or those that do not work closely with SA consistently. I
know when I first started using SA, it confused me in the beginning. Ma
I am sure this is a long shot, but has anyone created a Win32 porting of
this along with the necessary OCR utilities?
-Original Message-
From: decoder [mailto:[EMAIL PROTECTED]
Sent: Sunday, January 07, 2007 9:17 AM
To: [EMAIL PROTECTED]; users@spamassassin.apache.org
Subject: FuzzyOcr
Is the PBL (codes 10 & 11) stable enough to run in production? I notice
these are not in the current SA rulesets
-Original Message-
From: Theo Van Dinter [mailto:[EMAIL PROTECTED]
Sent: Monday, January 08, 2007 2:49 PM
To: users@spamassassin.apache.org
Subject: Re: xbl.spamhaus.org
ssions have to be set? I made sure
anybody could read it and the .spamassassin directory it's in just in case.
-- Dave Williss
[SNIP]
Is there some special way the permissions have to be set? I made sure
anybody could read it and the .spamassassin directory it's in just in case.
It sounds like you want to remove calling SA from the MTA, and instead call it
from the MDA (such as procmail) which allows per-user co
Just a wild stab here, run a lint check on all your rules. I once fat
fingered a rule in my local.cf file and got similar hit results as you are
describing here.
-Original Message-
From: Daniel Staal [mailto:[EMAIL PROTECTED]
Sent: Friday, January 12, 2007 9:05 PM
To: Users-Spamassassin
Chris wrote:
On Monday 15 January 2007 7:07 pm, John D. Hardin wrote:
On Mon, 15 Jan 2007, Chris wrote:
I keep seeing the below bounces in spam reports I'm sending out. I know
the ordb is dead, who is using it, Earthlink or corp.mailsecurity.net.au?
[EMAIL PROTECTED]
SMTP error
IMO, all AWL needs is an auto expiry systems like bayes has.
For us as a College, AWL makes a HUGE difference when students submit their
thesis, term papers, etc. which at times may be on sexual debauchery, KP,
internet scams etc. With AWL, it sees that all previous messages from this
individaul
-Original Message-
From: Alex Woick [mailto:[EMAIL PROTECTED]
Sent: Saturday, January 20, 2007 12:24 PM
To: Matt Kettler
Cc: Andy Figueroa; users@spamassassin.apache.org
Subject: Re: use or not use awl
Matt Kettler wrote:
> That said, I think the AWL is a great idea, but not ready for
Same here. I've been very impressed with this ruleset so far.
-Original Message-
From: Andy Figueroa [mailto:[EMAIL PROTECTED]
Sent: Saturday, January 27, 2007 9:23 AM
To: users@spamassassin.apache.org
Subject: Re: Drug spam, some caught some not - none caught by drug rules
Ben, or o
First off, it looks like you are sending a copy of a web page as your
message body and not a real newsletter.
If you want help, I would suggest that you send your sample message as an
attachment and not inline like you have done here. In this way, the orginal
email message including all headers
> SARE_HTML
> SARE_HTML0
> SARE_HTML1
> SARE_HTML2
> SARE_HTML3
> SARE_HTML4
SARE_HTML includes the 0, 1, 2 and 3 rulesets, so you're duplicating some
scans. Same with SARE_HEADER and some of the others IIRC
--
Dave Pooser
Cat-Herder-in-Chief
Pooserville.com
"T
us a "Thanks for the opportunity, I really appreciate it" note and got
back a note telling him we're glad to have the work for him. Our response
got flagged as spam. Either he's dumber than some salads I've eaten, or the
geniuses doing client development for AOL need a clue-by-four upside the
head.)
--
Dave Pooser, ACSA, CCNA
Cat-Herder-in-Chief
Pooserville.com
So I noticed some messages from one of my mailing lists landed in the ol'
spambucket; there was a URI in there for 4dquiz-com (dot instead of dash)
and it hit on URIBL_JP_SURBL and URIBL_SBL which scored enough to override
BAYES_00. Problem is, as best I can tell it's not on the
was flagging sites that were hosted on SBL-listed
addresses, and I trust the SBL far more than other blacklists so I was
willing to score it higher.
Never mind!
--
Dave Pooser
Cat-Herder-in-Chief, Pooserville.com
"...Life is not a journey to the grave with the intention of arriving
safe
realizing what
it's doing, and I have flogged myself appropriately for it.)
--
Dave Pooser
Cat-Herder-in-Chief, Pooserville.com
"...Life is not a journey to the grave with the intention of arriving
safely in one pretty and well-preserved piece, but to slide across the
finish line broa
<mailto:[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
X-Header-MasterId: 903934
X-Header-Versions: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
MIME-Version: 1.0
Content-Type: text/html; charset=us-ascii
X-TFF-CGPSA-Version: 1.4
X-AMS-CGPSA-Filter: Scanned
--
Dave Pooser
Cat-H
rules_du_jour.
Thanks,
Dave
cmail logfiles say it executed the spamc line.
I also tried variations on
| /opt/spamassassin/bin/spamc -d 127.0.0.1,10 -d 128.8.120.159,10 -t 10
Has anyone done spam checking to multiple machines with some type of
failover?
TIA
=-=-=-=-=-=-=-=-=-=- generated by /dev/dave -=-=-=-
On Mon, 3 Apr 2006, Matt Kettler wrote:
Dave Stern wrote:
I'm trying to get SA working by remote connections and don't see it
consistantly working.
Users kick off SA in their .procmailrc on our mail server which can't
handle
a more recent version of SA so we only have v2.64 in
Mike,
That sounds like a script I am interested in- Can you send me a copy?
TIA,
Dave Augustus
On Thu, 2006-04-20 at 17:24 -0700, Mike Jackson wrote:
> > That seems fine - I'd expect that for a package like SpamAssassin, the
> > default rules (plus Razor and Pyzor) woul
> I'm a little confuse now. When I Get SPF_FAIL? I think that when the domain
> don't have a SPF record, spamassassin scores the message with FAIL.
No, when the domain has an SPF record and the sending server is in an
explicitly disallowed range, you get an SPF_FAIL.
--
Dave Poos
I've started recieving a few spams a day that aren't even getting
scanned by Spamassassin. Or at least they don't get any X-Spam headers
added on.
The messages in question all have forged senders to make them look like
they came from an existing user within my own domain even though the IP
t
the mail server is about 700K and was last modified just a few minutes
ago, so it's getting used.
Hmmm... I deleted my auto-whitelist file and within a few minutes, I had
several incoming emails which were all scanned.
Dave Williss wrote:
I've started recieving a few spams a
Trying to solve my previous problem, I find in my /var/log/mail.err a
lot of errors like:
locker: safe_lock: cannot create tmp lockfile
/home/dwilliss/.spamassassin/bayes.lock.tnt.microimages.com.18000 for
/home/dwilliss/.spamassassin/bayes.lock: Permission denied
My .spamassasin directory h
I am sure this has been asked numerous times before, but what is the logic
in having auto expiry on the bayes DB, and not seen? Seems that once tokens
have been removed from the DB there is little to no use for 'unlearning' any
associated messages. Besides on a busy system, this seen file gets la
:
> Dave Koontz wrote:
>
>> I am sure this has been asked numerous times before, but what is the logic
>> in having auto expiry on the bayes DB, and not seen? Seems that once tokens
>> have been removed from the DB there is little to no use for 'unlearning' any
>
Hi Richard. This really is not a spam assassin question. However, You can
check mail server IP against blacklists yourself with DNSSTUFF (link to two
of your IPs below). Notice that you don't have a proper PTR record that
could cause email to be blocked by some sites. (AOL for just one example)
Oddly enough, I did have a similar problem when I first upgraded to v3.18.
What I was noticing was a permissions failing message at the end of the
expirary cycle. Same thing with a sa-learn --force sync. I went back to
3.17 and everything worked as expected. My second upgrade to v3.18 failed
the
ulling the
information from whois during mail processing? (Although that would be
resource-intensive and would probably run afoul of their prohibition on
high-volume querying, so that's probably a lose.)
--
Dave Pooser
Cat-Herder-in-Chief, Pooserville.com
"...Life is not a journey to the grav
giner catchall account (took me 6 years and a new boss to finally
put a bullet in it) we've seen MANY fewer joejobs. Don't know whether
there's causation or just correlation, but either way it makes me a happy
man.
--
Dave Pooser
Cat-Herder-in-Chief, Pooserville.com
"We owed t
-2.6 BAYES_00 BODY: Bayesian spam probability is 0 to 1%
[score: 0.]
1.8 HTML_IMAGE_ONLY_24 BODY: HTML: images with 2000-2400 bytes of
words
0.0 HTML_MESSAGE BODY: HTML included in message
1.5 MY_CID_AND_ARIAL2 SARE CID and Arial2
> This looks familiar... as in I think I've fixed this before familiar.
> What version of SA are you using?
SA 3.1.5, Perl 5.8.6, on Mac OS X
Some more reading found that [SPF failed: ] is a normal result for an SPF
timeout, so I set spf_timeout 30 and will see if that helps any.
--
Running spamd 3.1.7 on FC3. using qmail-scanner 2.01.
Headers reflect that I AM loading spamd with the desired config file...
(I've changed require_score in small increments and headers reflect
correct value)
spamassassin --lint reports no errors
local.cf:
==
required_score 5.
Jason Haar wrote:
Dave Richardson wrote:
Running spamd 3.1.7 on FC3. using qmail-scanner 2.01.
Headers reflect that I AM loading spamd with the desired config
file... (I've changed require_score in small increments and headers
reflect correct value)
spamassassin --lint reports no e
and not to the (probably forged)
return-address. No backscatter, no joejob potential. The only problem I see
is that some MTAs may "clean up" the message until it's unrecognizable.
--
Dave Pooser
Cat-Herder-in-Chief, Pooserville.com
"...Life is not a journey to the grave with the
This anti-spam DDoS is being reported on SANS as well... Seems SpamHaus
is also getting slammed.
http://isc.sans.org/diary.html?storyid=2940
Wish we could find the bot master and turn the DNS pointers back to them.
Gene Heskett wrote:
> On Thursday 07 June 2007, Chris Santerre wrote:
>
>>> ---
jdow wrote:
>>
>> Should we arm them with a RFC-2321 compatible RITA, and a confident
>> demeanor?
>
> Sic the RIAA lawyers on them.
>
Since Microsoft recently claimed ALL open-source or free applications
violated 250+ patents they own, maybe we can all sue M$ for BotNets???
Isn't that FREE softw
701 - 800 of 855 matches
Mail list logo
