If you're using #SpamAssassin, now is a good time to stop relying on Validity's Realtime DNS Block Lists ("Validity Zone File Access"). Free-tier users are being threatened with severe usage limits unless they arrange a call with Validity's sales team. #DNSBL #email #BaitAndSwitch 
Recent searches
Search options
#spamassassin
0 posts0 participants0 posts today
Replied to Santiago
Bill Cole 
@santiago FWIW, the automated rescoring that we (the SA Project of #TheASF) do for the default rule channel works on the assumption that the threshold is 5. If you reduce the threshold you should put in proactive work to improve (i.e. reduce) the scores of mail that you value.
E.g. I use a level of 4 & I use the supplementary KAM rules channel. I can only do that because the vast majority of the legit mail on my server is aimed at "more_spam_to" addresses.
If you use #SpamAssassin and actually want mail sent to you from a subdomain of #wordpress.com, you will want to add that specifically to your local welcomelist. We've had reports of signed spam from such domains, so we cannot leave the wildcard in the "default welcomelist" in SA's rule channel.
This change just went into SVN and will take a day or two to appear in the channel.
Ah ben la dernière, c'est #Validity qui veut du pognon.
Donc, pour désactiver ces parasites dans #spamassassin :
ifplugin Mail::SpamAssassin::Plugin::DNSEval
header RCVD_IN_VALIDITY_RPBL eval:check_rbl('custom', '127.0.0.1')
header RCVD_IN_VALIDITY_SAFE eval:check_rbl('custom', '127.0.0.1')
header RCVD_IN_VALIDITY_CERTIFIED eval:check_rbl('custom', '127.0.0.1')
header RCVD_IN_VALIDITY_RPBL_BLOCKED eval:check_rbl('custom', '127.0.0.1')
header RCVD_IN_VALIDITY_SAFE_BLOCKED eval:check_rbl('custom', '127.0.0.1')
header RCVD_IN_VALIDITY_CERTIFIED_BLOCKED eval:check_rbl('custom', '127.0.0.1')
endif
Yippee-ki-yay, motherfucker !
Du hast die Chemnitzer #Linux Tage 2025 verpasst? Kein Problem! Ab sofort findest Du die Videoaufzeichnung und die Vortragsfolien der beiden Heinlein-Vorträge auch in unserem Expertise-Blog.
Du möchtest mehr über den #Ceph Orchestrator als Bestandteil eines Ceph-Storage-Systems erfahren?
https://www.heinlein-support.de/blog/vortrag/ceph-orchestrator-container-fuer-storage
Für alle, die einen eigenen #Mailserver betreiben möchten: Was ist aktuell mit #SpamAssassin in der Spamabwehr möglich?
Hacker News Anyone who followed me in recent days for my #SpamAssassin lore and related #spam and #InfoSec hot takes should know that I'm one of those "everything is political" guys who does not believe in falsely limiting myself...
I'm a good one to mute for the day when you've heard enough terrible news.
"The stats we collect for the #SpamAssassin project (mass-scan results from participating sites) have long shown that spammers are more consistent at making #SPF, #DKIM, and #DMARC correct than are legitimate senders. DMARC in particular has no discernible benefit for most senders, so it is a useless signal.
Rejecting mail based solely on authentication failures of those deeply flawed authentication methods does more harm than good."
https://www.jwz.org/blog/2025/03/dmarc-and-spf/#comment-257743
EDIT: h/t @grumpybozo
Replied in thread
@nielsk @neel @jwz Right. Both SPF and DKIM can be useful as *positive* signals. That's why we have welcomelist_{spf,dkim,auth} directives in #SpamAssassin: so you can protect mail from known-good domains only when it passes some sort of authentication.
I have never had any social media posting blow up over anything like this post about mail authentication and #SpamAssassin.
Glad people aren't angry at me...
Replied in thread
@ghard @jwz We (the #SpamAssassin project) had support for HashCash for well over a decade. No one used it. No one cared enough to fix the plugin for recent versions, so we dropped it.
There's a strong argument that any form of "e-postage" is doomed. Spammers can hijack computing power in arbitrary amounts for paying it.
Replied in thread
@jwz The stats we collect for the #SpamAssassin project (mass-scan results from participating sites) have long shown that spammers are more consistent at making SPF, DKIM, and DMARC correct than are legitimate senders. DMARC in particular has no discernible benefit for most senders, so it is a useless signal.
Rejecting mail based solely on authentication failures of those deeply flawed authentication methods does more harm than good.
Tag 2 der Chemnitzer Linux-Tage läuft. Wie immer eine großartige Veranstaltung mit spannenden Vorträgen und tollem Publikum. Nachdem unsere Kollegen gestern schon Vorträge zu #SpamAssassin und #Ceph halten durften, sind heute Vorträge von #OpenCloud und #OpenTalk im Programm.
Um 12 Uhr in Raum V7 geht's los - vor Ort oder im Live-Stream. Wir freuen uns auf Sie!
Zum Programm:
https://chemnitzer.linux-tage.de/2025/de/programm/vortraege
He's not wrong of course, but another useful function that #SpamAssassin users often overlook is the (newer) Transaction Reputation and (older) Auto-Welcome List (TxRep/AWL) subsystems.
The short form: The options -W or (—add-to-welcomelist) and --add-to-blocklist to the spamassassin script inject records for the addresses and IPs into the persistent reputation DB so that future similar messages get their scores skewed one way or the other, hard. https://mastodon.social/@jwz/114162761642681655
Mastodonjwz (@jwz@mastodon.social)Attached: 1 image
Spam pro tip.
When a spam message gets past my shields and lands in my inbox, the first thing I do is look at the SpamAssassin headers to see if some rule fired whose priority I should bump up. Usually the answer is "Uggggghhhhhh no". It used to be...
https://jwz.org/b/ykkV
#ProxmoxMailGateway 8.2 has been released (#Proxmox / #ProxmoxMG / #MailGateway / #ZFS / #OpenZFS / #SpamAssassin / #Postfix / #PostgreSQL / #Linux / #Debian / #Bookworm / #DebianBookworm) https://proxmox.com/
ProxmoxProxmox Server SolutionsProxmox develops powerful and efficient open-source server solutions like the Proxmox VE platform, Proxmox Backup Server, and Proxmox Mail Gateway.
Continued thread
Apparently it was a broader problem, because no, I was NOT the only one to notice, just the only one to open a Jira ticket.
BECAUSE IF THERE’S NO TICKET THERE'S NO PROBLEM!!!
Clearly ASF Infra needs more staff. See my prior post if you live in Europe.
Replied in thread
@msb A good choice. Doubling it again would not hurt, as I’ve seen a lot of PDF-bearing #spam which comes in over a megabyte.
The 512k limit is an artifact of when #SpamAssassin had some serious inefficiencies that we’ve worked hard to eliminate in recent years. If you're using 3.4.0 or later, large messages will be scanned much faster than in the past.
Is it really possible for svn.apache.org to be down and only the #SpamAssassin utility host and me to notice?