Search results

Perhaps adding this to custom.cf trusted_networks 0.0.0.0/0 score ALL_TRUSTED -200.0 Then add 0.0.0.0/0 to your trusted network list /#pmgMailProxyConfiguration:networks Then turn off restrictions on: /#pmgMailProxyConfiguration:options /#pmgSpamDetectorConfiguration...

Is it possible to increase the 3 minute delay?

Yesterday, a client tried sending a 7MB file, O365 told the client that PMG rejected the message as being too large: stl-mx.fastnet1.com Remote Server returned '554 5.3.4 <stl-mx.fastnet1.com #5.3.4 smtp;550 5.3.4 SMTPSEND.OverAdvertisedSize; message size exceeds fixed maximum size>' When I...

What are the criteria used to accept email when greylisting is active? Is it knock once, gain admission in an hour, knock three times gain admission ? Can these parameters be changed? When a message is RBL rejected, is there a mechanism to greylist its ip address &/or network for 24 hours?

I continue to see quite a few domains without a SPF record, a "~all" or perhaps an ip:0.0.0.0/0 SPF record, hopefully, DBL & SURBLs will force these organizations to be a bit more responsible. OTOH, we see situations like Office 365 servers that cannot be bothered with valid rDNS records...

Thanks for this detailed explanation. We are seeing spam from large ESPs such as Sendgrid & Mailgun. This week-end, I added Spamhaus' Domain Block List (DBL) to the mix, it helped snare spam from a number of newly visible domains (dormant domains registered years ago) as well as newly...

I am considering ways of integrating the Spamhaus Drop lists into our environment. Is it possible to define an IPSET using networks defined in an external file, so something like this: [IPSET shdrop] include: /etc/pve/firewall/spamhaus/drop.txt ?

TLS is a requirement for many healthcare & financial services firms. So, if doctor wants to get email from hospital over known secure channel, hospital.com would send email to tls.doctor.com the PMG securing "tls.doctor.com" would configure postfix to only accept TLS connections. Using this...

For the record, the PHISHING plugin works, but it hasn't caught anything in the several days we have had it in place. Surprising, but true. I tested the plugin by adding a url to /etc/mail/spamassassin/openphish-feed.txt, then sent myself a message from Yahoo, the "phish" was logged: grep...

You may want to check out Checkcentral or smtpviewer, these services let you know if you don't get an expected email.

We have a mystery. I ran systemctl disable systemd-resolved --now reboot Everything is working. I am not sure why things failed last week-end. Thanks for looking into this for me.

I had a similar request. Based on Tom's response to another thread, you can add a BCC action object to the quarantine rule (send a copy to another mailbox). In our case, the trick will be to send it to a mailbox with zero spam filtering, or we'll have crazy back-scatter issues. I will probably...

Not a single hit - perhaps that's why no one is using it. When I get some time, I need to run a test - assign it a very low score and manually adjust the feeds. OTOH Invaluement has been remarkably effective, the only real problem is its propensity to ding Infusionsoft emails. If it was just my...

I just stumbled on heutger's post where he describes implementing this plugin. Well worth the read. Thank you.

Any experiences with Spamassassin's Phishing Plugin? It was released in September 2018, it hasn't received the wide acclaim I would expect - I am curious what experiences the Proxmox community has had with with this innovation.

I edited /etc/mail/spamassassin/custom.cf a couple hours ago, SA is still using the old file. Is this the right command to push the update: pmgconfig sync --restart 1 ?

I would like a list of messages released from pmgSpamQuarantine, where are these logged? I thought I could do grep -ris "sender@graydomain.com" /var/log/main.log - that didn't work out.

It comes up alot, for example this morning, I went through several spam collections & realized we are getting quite a bit of spam from ".best" & ".monster", so I am blocking these via Postfix's check_sender_access. If all spam was on one page, I could get to this conclusion quite a bit quicker...

I am working on system-wide Spamassassin tweaks. Is it possible to see the spam quarantine for all users when logged in as root?

I am down to 1.33s - not sure if that is a good or bad number, it's better than 2 seconds. I haven't compiled rules, that is going to have to wait for another day. Two issues seem to have helped: 1. Running Unbound instead of PowerDNS 2. Whitelisting the big boys using postwhite