I finally got my first bit of legitimate spam (is that even a thing?) since installing SpamAssassin on my mail server. SpamAssissin did its job and correctly tagged the message as spam.
Honestly, when I first set up my mail server, I thought I'd get a lot more spam. Either I've been lucky, or my internet hygiene is pretty okay.
Sieht so aus, als würde mein #Spamassassin (mit spamass-milter statt content-filter) im Zusammenspiel mit #Postfix jetzt endlich einwandfrei funktionieren.
Woohoo! I got spamassassin working. Now to wait for some more spam. I never thought that would be something I'd write. 😆
Now coming from AWS Bahrain.
I guess they got tired of being whacked at a fast pace and hamfisted scale.
Anyway, the volume is much less now, so if you wanted to interact with the #SpamAssassin RuleQA system as a sane human might, you now can. Probably. For now.
Gee, I hope no legitimate #SpamAssassin users are trying to get to RuleQA from these places...
Prefix: 94.74.80.0/20
Prefix: 101.44.176.0/20
Prefix: 111.119.192.0/20
Prefix: 159.138.96.0/20
Prefix: 166.108.192.0/20
Prefix: 188.239.32.0/20
If you are having trouble getting the the #SpamAssassin infra in recent days, thank AS136907 (Huawei) for hosting so many DDoS-bots asking rule-qa.cgi impossible questions
This may get me to do something evil in that script....
Ob #Spamassassin irgendwann so funktioniert wie es soll?
Nachdem er plötzlich nicht mehr tat, habe ich von content-filter auf spamass-milter umgestellt, und zwar funktioniert er jetzt wiedee, aber noch nicht perfekt.
Is it me or is BAYES for Spamassassin absolutely useless? It seems to tag spam as ham just as much as it tags ham as spam.
I have it trained on thousands and thousands of spam/ham emails, too. No difference.
Tagelange Schmerzen, das Ergebnis in 3 Zeilen:
body HIDDEN_TEXT /<div style=(3d)?"(?=.*\bcolor:\s*\#fff)(?=.*\bdisplay:\s*none)(?=.*\bopacity:).*>.{1000,}?<\/div>/si
describe HIDDEN_TEXT invisible nonsense in a div container to confuse spam scanner
score HIDDEN_TEXT 7If you're using #SpamAssassin, now is a good time to stop relying on Validity's Realtime DNS Block Lists ("Validity Zone File Access"). Free-tier users are being threatened with severe usage limits unless they arrange a call with Validity's sales team. #DNSBL #email #BaitAndSwitch 📩 💔
@santiago FWIW, the automated rescoring that we (the SA Project of #TheASF) do for the default rule channel works on the assumption that the threshold is 5. If you reduce the threshold you should put in proactive work to improve (i.e. reduce) the scores of mail that you value.
E.g. I use a level of 4 & I use the supplementary KAM rules channel. I can only do that because the vast majority of the legit mail on my server is aimed at "more_spam_to" addresses.
If you use #SpamAssassin and actually want mail sent to you from a subdomain of #wordpress.com, you will want to add that specifically to your local welcomelist. We've had reports of signed spam from such domains, so we cannot leave the wildcard in the "default welcomelist" in SA's rule channel.
This change just went into SVN and will take a day or two to appear in the channel.
Ah ben la dernière, c'est #Validity qui veut du pognon.
Donc, pour désactiver ces parasites dans #spamassassin :
ifplugin Mail::SpamAssassin::Plugin::DNSEval
header RCVD_IN_VALIDITY_RPBL eval:check_rbl('custom', '127.0.0.1')
header RCVD_IN_VALIDITY_SAFE eval:check_rbl('custom', '127.0.0.1')
header RCVD_IN_VALIDITY_CERTIFIED eval:check_rbl('custom', '127.0.0.1')
header RCVD_IN_VALIDITY_RPBL_BLOCKED eval:check_rbl('custom', '127.0.0.1')
header RCVD_IN_VALIDITY_SAFE_BLOCKED eval:check_rbl('custom', '127.0.0.1')
header RCVD_IN_VALIDITY_CERTIFIED_BLOCKED eval:check_rbl('custom', '127.0.0.1')
endif
Yippee-ki-yay, motherfucker !
Du hast die Chemnitzer #Linux Tage 2025 verpasst? Kein Problem! Ab sofort findest Du die Videoaufzeichnung und die Vortragsfolien der beiden Heinlein-Vorträge auch in unserem Expertise-Blog.
👉 Du möchtest mehr über den #Ceph Orchestrator als Bestandteil eines Ceph-Storage-Systems erfahren?
https://www.heinlein-support.de/blog/vortrag/ceph-orchestrator-container-fuer-storage
👉 Für alle, die einen eigenen #Mailserver betreiben möchten: Was ist aktuell mit #SpamAssassin in der Spamabwehr möglich?
iCloud Mail has DNS misconfigured?
https://www.mail-tester.com/test-p3tdhnk3o
#ycombinator #mail #tester #test #results #check #email #spam #spamassassin
iCloud Mail has DNS misconfigured
https://www.mail-tester.com/test-p3tdhnk3o
#ycombinator #mail #tester #test #results #check #email #spam #spamassassin
Anyone who followed me in recent days for my #SpamAssassin lore and related #spam and #InfoSec hot takes should know that I'm one of those "everything is political" guys who does not believe in falsely limiting myself...
I'm a good one to mute for the day when you've heard enough terrible news.
"The stats we collect for the #SpamAssassin project (mass-scan results from participating sites) have long shown that spammers are more consistent at making #SPF, #DKIM, and #DMARC correct than are legitimate senders. DMARC in particular has no discernible benefit for most senders, so it is a useless signal.
Rejecting mail based solely on authentication failures of those deeply flawed authentication methods does more harm than good."
https://www.jwz.org/blog/2025/03/dmarc-and-spf/#comment-257743
EDIT: h/t @grumpybozo
@nielsk @neel @jwz Right. Both SPF and DKIM can be useful as *positive* signals. That's why we have welcomelist_{spf,dkim,auth} directives in #SpamAssassin: so you can protect mail from known-good domains only when it passes some sort of authentication.
