similar to: spam / updates

Hi, This topic has come up previously, across the R e-mail lists and the spammers need not be subscribers (but could be), but simply reasonably competent HTML scrapers. If you look at the online archives of the R lists, for example R-Devel for this month: https://stat.ethz.ch/pipermail/r-devel/2016-December/thread.html <https://stat.ethz.ch/pipermail/r-devel/2016-December/thread.html>

Been working on my anti-spam centos mailserver for a while now and thought I would share fail2ban's help. I installed fail2ban a few weeks back. It was tough to get it working properly but pretty much working now. Although it works fine for brute force, I thought I would run it pretty tough against spammers. I started with a regular mail server, my old one, that is horrendously pounded

I agree that no action should be taken. It's somewhat mystifying that the robot known as "Amy Kristen" responds so quickly after my post, and with such regularity (so far twice per hour), using perhaps several email addresses - and using the correct "Reply-To" headers. But more mystifying is that she keeps the same name the whole time. And lucky, I guess, because otherwise

Hi This is a new one on me - I've never seen spammers attempt to use to SASL Auth to inject spam. None of the users they are trying (newsletter, dummy, test, etc.) exist, but what worries me is the illegal chars error - is this a known vulnerability in dovecot they are trying to exploit? I'm running 1:1.2.15-7 installed from apt-get.. Oct 17 15:07:16 mail postfix/smtpd[14422]: connect

The problem is not specific to this list. Any kind of public list may mean that other subscribers (or even the whole world) can see your email address. So whenever you mail to a (public) list there is a good chance that afterwards, you will get more spam. Not really much can be done about it, at least not on the side of the list, since any of the subscribers may be a spammer, who can know... All

Joel Hammer wrote on Friday, 6 June 2003 8:46 a.m.: > Which, BTW, is how we could easily stop all spamming. If we all > respond to the spammers, that would but them out of business in one > day. So, all of us on this list should agree to respond to the > spammer hitting us, telling him we are interested. That would make > these guys stop spamming this list. The problem with

I get two or three of these a day. They are not from Gmail but have a "reply to" address that is a Gmail account. The messages cone from an email account that passes SPF and DKIM. So the sender and reply domains differ, but that isn't unique. I have email that I need that arrives like that. I am on the Postfix list where this does belong, but I looked at the problem and decided it

Hello, everyone. I've proven to myself, via throw-away addresses, that individuals and robots sift thru archives and mailing list subscription lists, gathering addresses to sell on CD's to spammers. No list is immune, especially if it or its archives are available over the web. I've been spammed within a very short while of my address appearing on a posted message. If you go to

http://dovecot.org/releases/2.2/dovecot-2.2.3.tar.gz http://dovecot.org/releases/2.2/dovecot-2.2.3.tar.gz.sig This is a pretty important upgrade for v2.2 users, because of the IMAP ENVELOPE reply fix. * LDA/LMTP: If new mail delivery first fails with "temporary failure", tempfail the whole delivery instead of falling back to delivering the mail to INBOX. (Requires new Pigeonhole

http://dovecot.org/releases/2.2/dovecot-2.2.3.tar.gz http://dovecot.org/releases/2.2/dovecot-2.2.3.tar.gz.sig This is a pretty important upgrade for v2.2 users, because of the IMAP ENVELOPE reply fix. * LDA/LMTP: If new mail delivery first fails with "temporary failure", tempfail the whole delivery instead of falling back to delivering the mail to INBOX. (Requires new Pigeonhole

Many of you are interested in and have used or recommended fail2ban for your linux boxes. I finally installed it on our FreeBSD server (no asterisk, hence the OT) with the help of a friend from the VoIP Users Conference and Asterisk community. After a lot of new learning about regex, I extended the actions and filters to look at our mail server, plagued by spammers - who isn't? Our server has

Hi hoping someone can help me a little with this one. I have 2 mail servers, the incoming mail server runs dovecot and the outgoing mail server runs postfix with sasl. Lately I noticed a lot of spammers are running dictionary attacks on my incoming server and then using that user/password for sasl on the outgoing server. The weird thing is I never see on the logs the guessed

OT Mailing List Spam This might be slightly off-topic but as the source of spam is probably a spammer getting emails from this list, I reported him and his service provider should cut off his/her ugly head. I got an email of the classic 419 scam from a "El Amir Assadallah" <rdjir001 at eircom.net>. This has just come if from the abuse department :- Dear Vandaman, Thank you for

Hi, Some people have suggested maintaining black lists and white lists to avoid spammers and allow legitimate callers into the network. However, the problem with this method is that the spammer's IP address might change due to DHCP. Today a spammer might get aaa.bbb.ccc.ddd and lets say that I put this address in my blacklist. To my annoyance, tomorrow a legitimate caller might get

This is a high traffic list as it is and it is really annoying to see that SPAM is on the rise here. I wonder how they can spam the list since each user has to be authenticated. Do spammers go through the trouble of subscribing to the list? In any case, this msg is to the list admin...could you please do whatever it takes to filter this stuff out? Thank you very much. -bakki

Hi Dovecot-list! My setup consists of a dovecot server with lmtp delivery and 3 postfix mta servers in front. Previously the mtas authenticated (SASL) through the courier-authdaemond software to our mysql database. To get support for more password formats i migrated to dovecot for SASL authentification. Our postfix mtas connect to dovecot through a tcp-socket smtpd_sasl_auth_enable = yes

Hi! There were several new spam entries in Bugizlla, created from previously created accounts. I think will be good idea to delete them as well as block spammers accounts : Report IDs: 30192, 30191, 30187, 30186, 30185, 30182, 28766, 28717, 28715, 28714. Eugene.

From nmap: 995/tcp open ssl/pop3 Dovecot pop3d |_ sslv2: server still supports SSLv2 |_ pop3-capabilities: USER CAPA UIDL PIPELINING RESP-CODES TOP SASL(PLAIN LOGIN) pop3 allows SSLv2, imap doesn't. In my dovecot.conf I have: ssl_cipher_list = ALL:!LOW:!SSLv2 at the global level. Do I need to put it inside the protocol pop3{} section? Patrick

Hi I have a question regarding the IMAP CAPABILITY command behavior of Dovecot 2.0.rc3. While connecting to a Dovecot 1.2.4 server and requesting the supported capabilities, Dovecot returns all capabilities: * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE STARTTLS AUTH=PLAIN] Dovecot ready. a1 CAPABILITY * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE

Hello, In Dovecot 2.0 the QUOTA capability is not announced until after the user has logged in. This breaks quota-support in some webmail clients (Roundcube, Atmail, probably more). After searching the lists, I see that this was fixed as a bug back in 1.0, but I guess it crept back in. :-) 1.0.7: * OK Dovecot ready. . CAPABILITY * CAPABILITY IMAP4rev1 SASL-IR SORT THREAD=REFERENCES MULTIAPPEND