Re: What would happen to Challenge/Response if ...

2003-10-26 Thread Kirk Strauser
At 2003-10-25T17:07:36Z, Rob Weir <[EMAIL PROTECTED]> writes: > Gah, I didn't think of that. So I've still eaten a stupid amount of > traffic this week. Does anyone have any neat scripts for automatically > blacklisting Swen-sending ips for a period of time with Postfix? This may or may not be o

Re: What would happen to Challenge/Response if ...

2003-10-25 Thread Steve C. Lamb
On Sun, Oct 26, 2003 at 04:07:36AM +1100, Rob Weir wrote: > Gah, I didn't think of that. So I've still eaten a stupid amount of > traffic this week. Does anyone have any neat scripts for automatically > blacklisting Swen-sending ips for a period of time with Postfix? It has been something on

Re: What would happen to Challenge/Response if ...

2003-10-25 Thread Rob Weir
On Fri, Oct 24, 2003 at 12:53:33AM -0700, Steve Lamb said > Rob Weir wrote: > > I'm dropping mail based on a DATA regexp. I have the following line in > > /etc/postfix/ms-crap > > Correct me if I'm wrong but doesn't the DATA regexp come after all the > DATA is already across the wire? There

Re: What would happen to Challenge/Response if ...

2003-10-25 Thread Rob Weir
On Fri, Oct 24, 2003 at 06:47:22AM +0100, Karsten M. Self said > on Fri, Oct 24, 2003 at 03:43:46AM +1000, Rob Weir ([EMAIL PROTECTED]) wrote: > > > This is a good point, but it's not something I notice anymore. I scan > > through my lists and hit "y" on any spam in mutt; it passes the mail to >

Re: What would happen to Challenge/Response if ...

2003-10-25 Thread Rob Weir
On Thu, Oct 23, 2003 at 11:11:48PM -0600, Monique Y. Herman said > Is sa-learn really so intensive that multiple instances will bring down > a machine, or is that mostly a concern for older hardware? Yup. When I run it over one message at a time, it takes maybe 3 seconds per message. For 5 at on

Re: What would happen to Challenge/Response if ...

2003-10-24 Thread Karsten M. Self
on Thu, Oct 23, 2003 at 11:24:17PM -0600, Monique Y. Herman ([EMAIL PROTECTED]) wrote: > On Fri, 24 Oct 2003 at 03:48 GMT, Karsten M. Self penned: > It was during that whole discussion in which you were actively involved. > (Please let's not rehash that here.) See d-u. > Found it! > > http://ml

Re: What would happen to Challenge/Response if ...

2003-10-24 Thread Steve Lamb
Rob Weir wrote: > I'm dropping mail based on a DATA regexp. I have the following line in > /etc/postfix/ms-crap Correct me if I'm wrong but doesn't the DATA regexp come after all the DATA is already across the wire? There has been some matter of debate on that issue and the general consensus

Re: What would happen to Challenge/Response if ...

2003-10-23 Thread Karsten M. Self
on Fri, Oct 24, 2003 at 03:43:46AM +1000, Rob Weir ([EMAIL PROTECTED]) wrote: > This is a good point, but it's not something I notice anymore. I scan > through my lists and hit "y" on any spam in mutt; it passes the mail to > "sa-learn --spam" and moves it to my spam folder. About the only thing

Re: What would happen to Challenge/Response if ...

2003-10-23 Thread Monique Y. Herman
On Fri, 24 Oct 2003 at 03:48 GMT, Karsten M. Self penned: > on Thu, Oct 23, 2003 at 05:17:39PM -0600, Monique Y. Herman > ([EMAIL PROTECTED] osh.org) wro

Re: What would happen to Challenge/Response if ...

2003-10-23 Thread Monique Y. Herman
On Fri, 24 Oct 2003 at 03:10 GMT, Rob Weir penned: > On Thu, Oct 23, 2003 at 11:57:11AM -0600, Monique Y. Herman said >> On Thu, 23 Oct 2003 at 17:43 GMT

Re: What would happen to Challenge/Response if ...

2003-10-23 Thread Karsten M. Self
on Thu, Oct 23, 2003 at 05:17:39PM -0600, Monique Y. Herman ([EMAIL PROTECTED]) wrote: > On Thu, 23 Oct 2003 at 22:32 GMT, Paul E Condon penned: > > > > Yes. My formula is an oversimplification of the real world. My excuse > > is that a visit to the TMDA web page gives the impression that the > >

Re: What would happen to Challenge/Response if ...

2003-10-23 Thread Rob Weir
On Thu, Oct 23, 2003 at 11:57:11AM -0600, Monique Y. Herman said > On Thu, 23 Oct 2003 at 17:43 GMT, Rob Weir penned: > > > > This is a good point, but it's not something I notice anymore. I scan > > through my lists and hit "y" on any spam in mutt; it passes the mail > > to "sa-learn --spam" and

Re: What would happen to Challenge/Response if ...

2003-10-23 Thread Karsten M. Self
on Thu, Oct 23, 2003 at 04:21:49PM -0600, Paul E Condon ([EMAIL PROTECTED]) wrote: > On Thu, Oct 23, 2003 at 09:30:42AM +0100, Karsten M. Self wrote: > > on Wed, Oct 22, 2003 at 09:42:31PM -0600, Paul E Condon ([EMAIL PROTECTED]) wrote: > > - Any autoresponder is an invitation to abuse from the

Re: What would happen to Challenge/Response if ...

2003-10-23 Thread Monique Y. Herman
On Thu, 23 Oct 2003 at 22:32 GMT, Paul E Condon penned: > > Yes. My formula is an oversimplification of the real world. My excuse > is that a visit to the TMDA web page gives the impression that the > formula is valid, and might reasonably be expected to suck innocent > readers into using somethin

Re: What would happen to Challenge/Response if ...

2003-10-23 Thread Paul E Condon
On Thu, Oct 23, 2003 at 10:41:44AM -0600, Monique Y. Herman wrote: > On Thu, 23 Oct 2003 at 03:42 GMT, Paul E Condon penned: > > I've been looking at a lot of options for dealing with Swen and the > > next Sobig, soon to arrive. In the discussions here, I learned that > > some people use tmda as a

Re: What would happen to Challenge/Response if ...

2003-10-23 Thread Paul E Condon
On Thu, Oct 23, 2003 at 09:30:42AM +0100, Karsten M. Self wrote: > on Wed, Oct 22, 2003 at 09:42:31PM -0600, Paul E Condon ([EMAIL PROTECTED]) wrote: > > I've been looking at a lot of options for dealing with Swen > > and the next Sobig, soon to arrive. In the discussions here, > > I learned that s

Re: What would happen to Challenge/Response if ...

2003-10-23 Thread Ron Johnson
On Thu, 2003-10-23 at 13:11, David Jardine wrote: > On Thu, Oct 23, 2003 at 08:49:09AM -0500, Ron Johnson wrote: > > > > I've got a simple "pre-fetchmail" script that deletes any emails > > larger than 13 bytes while still sitting on the pop server. > > > Once in a while something happens that

Re: What would happen to Challenge/Response if ...

2003-10-23 Thread Monique Y. Herman
On Thu, 23 Oct 2003 at 17:43 GMT, Rob Weir penned: > > This is a good point, but it's not something I notice anymore. I scan > through my lists and hit "y" on any spam in mutt; it passes the mail > to "sa-learn --spam" and moves it to my spam folder. About the only > thing I see anymore in the D

Re: What would happen to Challenge/Response if ...

2003-10-23 Thread David Jardine
On Thu, Oct 23, 2003 at 08:49:09AM -0500, Ron Johnson wrote: > > I've got a simple "pre-fetchmail" script that deletes any emails > larger than 13 bytes while still sitting on the pop server. > Once in a while something happens that makes hours of wading through a thread worthwhile. Where ca

Re: What would happen to Challenge/Response if ...

2003-10-23 Thread Mike Dresser
On Thu, 23 Oct 2003, John Hasler wrote: > Or "A virus was detected and removed from this message to you" followed > by instructions on how to retrieve the virus and the "cleaned" Swen. How about the ones that have something to the effect of "Scan engine failure, unable to scan" that let you know

Re: What would happen to Challenge/Response if ...

2003-10-23 Thread Rob Weir
On Thu, Oct 23, 2003 at 09:31:50AM -0700, Tom said > On Fri, Oct 24, 2003 at 02:21:41AM +1000, Rob Weir wrote: > > Yup. Reason #23131 why CR is a poor solution. I'm quite amazed at how > > well SA and simple checks like my Postfix body regexp work. I still get > > spam, and oodles of it, but it'

Re: What would happen to Challenge/Response if ...

2003-10-23 Thread John Hasler
Rob Weir writes: > Ah, yes, that's even worse. I'm also bloody sick of getting "a virus was > detected in your mail" messages from people I have never written to. Or "A virus was detected and removed from this message to you" followed by instructions on how to retrieve the virus and the "cleaned"

Correctly Designing Secondary MX (was Re: What would happen to Challenge/Response if ...)

2003-10-23 Thread Derrick 'dman' Hudson
On Thu, Oct 23, 2003 at 09:20:46AM +0100, Karsten M. Self wrote: | on Thu, Oct 23, 2003 at 05:32:59PM +1000, Rob Weir ([EMAIL PROTECTED]) wrote: | > If you have the level of MTA control necessary to automatically reply | > to CR queries, then just block Swen at the MTA level. I've rejected | > 3

Challenges, Postfix, and Auto-handling crap (was Re: What would happen to Challenge/Response if ...)

2003-10-23 Thread Derrick 'dman' Hudson
On Fri, Oct 24, 2003 at 01:56:03AM +1000, Rob Weir wrote: | On Thu, Oct 23, 2003 at 12:53:49AM -0700, Steve C. Lamb said | > On Thu, Oct 23, 2003 at 05:32:59PM +1000, Rob Weir wrote: | > > Hm, now I check, 27253 of those did *not* come from my secondary MXs. | > > That is a stupid amount of crap.

Re: What would happen to Challenge/Response if ...

2003-10-23 Thread Monique Y. Herman
On Thu, 23 Oct 2003 at 03:42 GMT, Paul E Condon penned: > I've been looking at a lot of options for dealing with Swen and the > next Sobig, soon to arrive. In the discussions here, I learned that > some people use tmda as a part of their spam defense, and looking into > it I soon learned that > >

Re: What would happen to Challenge/Response if ...

2003-10-23 Thread Tom
On Fri, Oct 24, 2003 at 02:21:41AM +1000, Rob Weir wrote: > Yup. Reason #23131 why CR is a poor solution. I'm quite amazed at how > well SA and simple checks like my Postfix body regexp work. I still get > spam, and oodles of it, but it's almost flawlessly classified. I check > out my spam fold

Re: What would happen to Challenge/Response if ...

2003-10-23 Thread Rob Weir
On Thu, Oct 23, 2003 at 09:20:46AM +0100, Karsten M. Self said > on Thu, Oct 23, 2003 at 05:32:59PM +1000, Rob Weir ([EMAIL PROTECTED]) wrote: > > If you have the level of MTA control necessary to automatically reply > > to CR queries, then just block Swen at the MTA level. I've rejected > > 3455

Re: What would happen to Challenge/Response if ...

2003-10-23 Thread Rob Weir
On Thu, Oct 23, 2003 at 12:53:49AM -0700, Steve C. Lamb said > On Thu, Oct 23, 2003 at 05:32:59PM +1000, Rob Weir wrote: > > Hm, now I check, 27253 of those did *not* come from my secondary MXs. > > That is a stupid amount of crap. In fact, it is 3.8985GB of crap. > > Imagine that instead of dropp

Re: What would happen to Challenge/Response if ...

2003-10-23 Thread Ron Johnson
On Thu, 2003-10-23 at 02:53, Steve C. Lamb wrote: > On Thu, Oct 23, 2003 at 05:32:59PM +1000, Rob Weir wrote: > > Hm, now I check, 27253 of those did *not* come from my secondary MXs. > > That is a stupid amount of crap. In fact, it is 3.8985GB of crap. > > Imagine that instead of dropping that sh

Re: What would happen to Challenge/Response if ...

2003-10-23 Thread Karsten M. Self
on Wed, Oct 22, 2003 at 09:42:31PM -0600, Paul E Condon ([EMAIL PROTECTED]) wrote: > I've been looking at a lot of options for dealing with Swen > and the next Sobig, soon to arrive. In the discussions here, > I learned that some people use tmda as a part of their spam > defense, and looking into i

Re: What would happen to Challenge/Response if ...

2003-10-23 Thread Karsten M. Self
on Thu, Oct 23, 2003 at 05:32:59PM +1000, Rob Weir ([EMAIL PROTECTED]) wrote: > On Wed, Oct 22, 2003 at 09:42:31PM -0600, Paul E Condon said > > I've been looking at a lot of options for dealing with Swen > > and the next Sobig, soon to arrive. In the discussions here, > > I learned that some peopl

Re: What would happen to Challenge/Response if ...

2003-10-23 Thread Steve C. Lamb
On Thu, Oct 23, 2003 at 05:32:59PM +1000, Rob Weir wrote: > Hm, now I check, 27253 of those did *not* come from my secondary MXs. > That is a stupid amount of crap. In fact, it is 3.8985GB of crap. > Imagine that instead of dropping that shit on the floor, you sent a CR > query. You've just doubl

Re: What would happen to Challenge/Response if ...

2003-10-23 Thread Rob Weir
On Wed, Oct 22, 2003 at 09:42:31PM -0600, Paul E Condon said > I've been looking at a lot of options for dealing with Swen > and the next Sobig, soon to arrive. In the discussions here, > I learned that some people use tmda as a part of their spam > defense, and looking into it I soon learned that

Re: What would happen to Challenge/Response if ...

2003-10-22 Thread Steve C. Lamb
On Wed, Oct 22, 2003 at 09:42:31PM -0600, Paul E Condon wrote: [ Snip autoresponding idea to C/R ] > What is the downside of doing this? Am I crazy? http://kmself.home.netcom.com/Rants/challenge-response.html Points 0 and 8 should answer your question though the entire essay is worth a read.