Recent content by koby

Hello Guys , One of my client got an SVG file as attachment with Phishing JavaSctipt inside of it , Please take a look... " <?xml version="1.0" ?> <svg xmlns="http://www.w3.org/2000/svg"> <circle></circle> <script type="text/javascript"> window.location.href =...

As you say , usually , but the hacker do not know that , To my best knowladge ,in Proxmox Smg release note they say that all of the header field are searchable now. the "From" field is very easy to fake.

Did that , Thank you for your time.

Hello Guys , I did bought 2 license to my cluster Suddenly I realized that one of my node is not licensed Every time I tried to "Check" I get timeout error after some time. Proxmox Pmg Ver 7.2-2 Any advice please Best Regards Koby Peleg Hen

Hello Guys , I make a lot of use with "What Object" option to check different field on the header section to avoid spam. I been more then happy to see that in the current release (7.2-2) these feature got more attention then before. BUT in my testing I could tell the at list the header field...

With your permission , What I trying to achieve here is some confident that the sender is the sender. My preferred is of course is a DKIM record , but not all mail header has this in there header , this is why I try to white sender base on "something" that some hacker will not wont to spent...

here is the mail header message " Received: from AM9PR05MB7649.eurprd05.prod.outlook.com (2603:10a6:20b:2c9::21) by PAXPR05MB9662.eurprd05.prod.outlook.com with HTTPS; Sun, 6 Nov 2022 11:35:42 +0000 Received: from ZR2P278CA0031.CHEP278.PROD.OUTLOOK.COM (2603:10a6:910:47::12) by...

Hello guys , I did add to my header check field the following : "Filed : Return-Path" "Value : test@test.com" I test it with mail with this line in its header and I found that the system does not test this line Any advice please. PMG ver 7.1-7 Koby Peleg Hen

Hello Guys , I have a rule which need to block base on "importance:=high" as follow But the system ignore it. It is also true for the header field "In-Reply-To" and maybe other header field as well How can I set the systems to check all header field Thank you all for any advice. Best...

Hello Guys , My client has received an email with an html attach to it. this html file contain a javascript code in it. For future preventing I did create a rule for spam assassin which should catch body rule with "<script" string. The strange thing is that : If I download that js file to my...

Hello Guys , I would like to white mail by setting the match field with "DKIM-Signature" as Filed and "greeninvoice.co.il" as Value. But , There some mail with 2 places in header which contain "DKIM-Signuture" in this case as I can see the systems check ONLY the FIRST one.... Please as an...

Found my error.... It should be as follow... DKIM-Signature=greeninvoice.co.il NOT DKIM-Signature=d=greeninvoice.co.il ;)

Hello Guys , I make a lot of use on the Match Field option. I set the following rule which is not match :oops: Can someone tell me why ? Pmg Ver 6.4-4 As you can see the following set is this... The Message Header us this : DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=pm20220416...

Hello Guys , As I made my spacial spamassassin rule as spamassassin doc instracuted I also add a description to the rule. The rule is working fine , But no description is showing on the "toggle spam info" here is my rule : header MKSOFT_TEST_SUBJECT Subject =~ /\btestme\b/i score...

Because I use some commercial black list and pay by the hit , I may think that If I can set this blacklist to the end of it it will be much chipper for me. As you say if the ip get into the threshold at the beginning of the test , it will not need to check the other blacklist as well. Best...