Hi there,
On Thu, 28 Jul 2016, kionez wrote:
http://pastebin.com/PJBqG15Q
H. 80.12.242.0/24 has been firewalled here since 2009.
--
73,
Ged.
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.cl
#include // created 27/07/2016 18:37
Hi!
> Have you looked at MIMEDefang? You can do more or less whatever you
> want if you can write Perl scripts.
I've looked at it, but it's not so simple to integrate on my systems
(now I'm using one VPS to do every antispam\antivirus tasks for all my
ma
Hi there,
On Wed, 27 Jul 2016, kinoez wrote:
... I want ... to run yara on entire message ...
Have you looked at MIMEDefang? You can do more or less whatever you
want if you can write Perl scripts.
--
73,
Ged.
___
Help us build a comprehensive Cl
#include // created 27/07/2016 10:28
[cut]
> I seem to remember hitting that issue.
I wrote something similar in 13/04 [1] (and here's the patch result [2])
but this request is "different".
I want (if it is possibile, obiuvsly ;) ) to run yara on entire message,
using rules which match both
Hi,
If it helps, could you email the YARA rule and test email offlist and I'll
have a quick look.
I seem to remember hitting that issue.
Cheers,
Steve
Web: sanesecurity.com
Twitter: @sanesecurity
On 27 July 2016 08:35:53 kionez wrote:
Hi all,
I'm using custom Yara rules to detect many
Hi all,
I'm using custom Yara rules to detect many kind of spam directed to my
customers, it's very effective and gives me many ways to intercept
localized messages (i.e.: spam in italian and french).
Lately those spammers are using base64 encoding in Subject: and body
part, making ineffective my
