***: km_ has quit IRC (*.net *.split)
shat has quit IRC (*.net *.split)
hazardous has quit IRC (Ping timeout: 240 seconds)
qbit has quit IRC (Ping timeout: 240 seconds)
hazardous has joined #arpnetworks
qbit has joined #arpnetworks
shat has joined #arpnetworks
shat has quit IRC (Changing host)
shat has joined #arpnetworks
km_ has joined #arpnetworks perlgod: i will break the silence: i am thoroughly enjoying my arp thunder instance, love all the disk space.
also i started using rspamd as my email spam filter since dspam was abandoned. its an awesome product, bsd licensed. check it out if you've never looked into it ***: ziyourenxiang has quit IRC (Ping timeout: 240 seconds)
mkb has joined #arpnetworks
KDE_Perr1 is now known as KDE_Perry mercutio: hmm, i have not heard of rspamd perlgod: i hadnt either until i started researching new spam blockers. was initially looking at spamassassin, and why i do love perl, the thought of spinning up 20 perl processes for every email that came in wasnt appealing
rspamd is written in c
has tons of modules for spam blocking. DCC bulk lists, dkim, dmarc, RBL, statistical filtering, etc
and a simple web gui for viewing spam block/pass stats mercutio: sounds interesting. i use amavisd-new
which is perl and bloated, and hooks into spamassassin, dkim, etc
i actually do zen spamhaus rbl block straight in postfix. perlgod: rspamd does dkim signing of outgoing mails as well. before i was just using opendkim and dspam as milters mercutio: i think i am signing outbound mails
and doing domainkeys? perlgod: you can easily check by sending an email to a gmail account and checking for "signed-by" field in the message headers. mercutio: i tried to stay on top of all of the things to do years ago, then it seems things stopped changing nearly as much, and i haven't kept up perlgod: or google one of those dkim/spf testers mercutio: ok i'll email gmail :)
i seem to reclal using gmail to check in the past :)
i think yahoo needed domainkeys? perlgod: if you want to make sure other mail servers accept your mail, its not too terribly hard
1. make sure your mail server has a reverse dns record that points back to itself
2. make sure spf records are correct in dns mercutio: i'm struggling to figure out how to show headers in gmail perlgod: 3. you can look into DMARC/DKIM signing, but in my experience getting 1 & 2 correct is enough mercutio: oh "show original" perlgod: you can hit the little arrow next to the "To:" field
it should say "mailed by" and "signed by"
or show original :) mercutio: hmm i don't see signed by perlgod: you are prob not signing outgoing mails then mercutio: i must not be perlgod: i used this when setting up my mail server, very helpful
http://dkimvalidator.com/ mercutio: i have dkimproxy setup it seems mkb: I've never bothered with dkim and people usually respond to my mail mercutio: but i probably didn't do it in postfi perlgod: yeah, in my experience most mail servers do not reject purely based on dkim
however if they are using something like spamassassin or another spam blocking software, not having valid dkim will increase your likelihood of being flagged as spam mkb: now I've never done any real test to see if the people who don't respond don't because they didn't get it or because they don't want to talk to me... mercutio: haha mkb
or maybe they do respond to you, and their mails go into spam perlgod: i have spent a ton of time getting my mail server set up. currently running postfix/rspamd/dovecot with ldap auth and sieve filtering. also trains spam based on mail you move to Junk folder
one of these days i will do a write-up about it
running it all on freebsd on ARP of course :) mercutio: yeah it ends up being a huge time sink
i added things one after another when i got irritated by my level of spam mkb: I also don't do any kind of modern spam filtering mercutio: i mostly seem to attract russian girls spam atm mkb: which I may have to change soon perlgod: have not had any spam since setting up rspamd and adding postfix options reject_unknown_reverse_client_hostname, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, reject_non_fqdn_sender, reject_unknown_sender_domain mkb: I used to run openbsd spamd perlgod: if i ever do a write up of my setup i will post a link in here so you can benefit from my trial and error mkb: rather effective, but ultimately caused more problems than it solved perlgod: it is a time sync, but messing around with hosting stuff basically got me my career mercutio: reject_unauth_destination, reject_unknown_sender_domain, reject_rbl_client zen.spamhaus.org, check_sender_access hash:/etc/postfix/sender_access perlgod: helped a lot more than the CS degree anyway mercutio: hmm i wonder if i should add some more
i can't stand greylisting
and it doesn't seem to help modern spam
most spam that comes through to me comes from gmail, yahoo, etc, and other legit mail senders. perlgod: rspamd does greylisting by default, though you can disable. i have not had too many problems mercutio: zen spamhaus may be blocking some things grey listing may have helped against though perlgod: on an iffy email, it will do a soft bounce. usually the other mailserver will retry in about 60 seconds and then it will go through mkb: 60 seconds... yeah right mercutio: my big problem with mail now days is "legit" mail
i want something like gmails automatic folder shifting mkb: the problem I had with greylisting is that idiots would email me, then call me on the phone to tell me they've emailed me, and I'd have to explain that I couldn't see it BryceBot: YER AN IDIOT mkb mercutio: mkb haha that sounds like somethin gi'd do
some email systems are slow too even without greylisting mkb: yeah I'm increasingly dissatisfied with the amount of legitimate spam I get mercutio: i figure that it's often best to email and ring if you want a timely response mkb: never buy anything from ebags.com mercutio: now ebay.com
nor
actually ebay isn't that bad. paypal keep updating their privacy policy. mkb: hah. ebay sent me one the other day and I couldn't tell if it was phishing or not mercutio: i kind of want a folding type thing, where similar messages get grouped together
like all of the ubuntu security notices
i suppose that's something that is the job of the mail user agent perlgod: i played around with offline imap (actually mbsync now) and notmuch, which is an awesome, fast email tagging system
but it only works on one device
so kinda useless if you have laptop, desktop, smartphone etc mercutio: i have two gmail adddress on my phone perlgod: server-side sieve filtering serves me well for now mercutio: and just use my normal email otherwise and don't have it on my phone
one of my gmail includes thigns like promotions and has no alerts.
cos sometimes it's nice to have store promotions or such on your phone mkb: oh yeah I still use pop which means I only get mail on one machine mercutio: i use mutt on the mail server :) ***: sjackso has joined #arpnetworks
mkb has quit IRC (Quit: leaving)
KILLALLHUMANS01 has quit IRC (Ping timeout: 255 seconds)
KILLALLHUMANS01 has joined #arpnetworks brycec: @geoip 98.142.108.75 BryceBot: WHOIS - 98.142.108.75 (DomainTools) http://whois.domaintools.com/98.142.108.75
http://98.142.108.75 (Try to go there) http://98.142.108.75 brycec: @geoip wolfman.devio.us BryceBot: brycec: I'm sorry, the DDG Zero-Click API returned no results. As this is a Zero-click Info API, most deep queries (non topic names) will be blank. Quite frankly, this DDG API sucks cocks. mike-burns: That's quite the error message. brycec: oh crap wrong channel too, sorry for the noise
(my PM with BryceBot is 1 window over, and I'm not paying attention) mercutio: that is a creative error message :) brycec: What can I say, I got tired of people trying to @ddg things and being disappointed. ***: km__ has joined #arpnetworks
km_ has quit IRC (Ping timeout: 260 seconds)
hive-mind has quit IRC (Ping timeout: 260 seconds)
hive-mind has joined #arpnetworks
ziyourenxiang has joined #arpnetworks