Hello,
I haven't seen one like this before. It got through with a pretty low
score. The body looked like this:
--
Men Men Men
Vye agrah corrects erection problem in minutes
You will be able to have sex *AGAIN* like a 20 year old young man!
Guaranteed and recognized throughout the world
SAT
Has anyone thought about including the ability to connect to an ICAP proxy
server as an eval rule to test urls against? If they fail then that is a
pretty good spam indicator, and the overhead should not be too high I don't
think. It might be a little difficult to set up, and most sites would n
The problem comes from the URLs, in this case. For example
www.somewhere.com/checkflight.pl?airport=jfk or any manor of hits like
that. In fact most every false positive hit I've seen on this ruleset is a
URL, is it possible to exclude them from the checks?
Andrew
This ruleset went off hard on an email advertising airfare from a major provider. While the spamminess of said email is open to discussion, it is something to watch our for. Every airport has a three letter short name that hits on these rules.Andrew "Gerry Doris" <[EMAIL PROTECTED]>Sent by: [EMAIL
Here is another one for BigEvil that I am getting a lot of:
www.allsafetyproducts.biz
Andrew Hoying
---
This SF.net email is sponsored by: Perforce Software.
Perforce is the Fast Software Configuration Management System offering
advanced b
Would this regex make more sense?
/([a-z]{4,12}\s){12,}/
Andrew Hoying
[EMAIL PROTECTED] wrote on 01/08/2004 01:37:49
PM:
> Here's a rule I wrote for just this sort of spam:
>
> rawbody WORDWORD/[a-z]{4,12} [a-z]{4,12} [a-z]{4,12} [a-z]
> {4,12} [a-z]{4,12} [a-z]{4,12} [a-z]{4,12} [
Hello,
I have a number of permissive whitelists in order to keep good if slightly
spammy email from being tagged. Unfortunately spammers seem to be relying
on this fact more and more. For example I got a spam on the 3rd that would
have scored nearly +50 except the forged address was @cisco.com
[EMAIL PROTECTED] wrote on 01/03/2004 11:52:41
AM:
> Theo Van Dinter wrote:
>
> Being as my name is Bob I get a lot of that. :-) Well, I don't
> actually. I usually drive the lunch bus and so the mail is going the
> other direction. But here are some samples of what I do frequently
> ge
I think that it should be configurable to enable what Mark and others have
mentioned on this thread. While some sites may use [EMAIL PROTECTED] as you
use in your example, it is much more common to use, for example,
[EMAIL PROTECTED] No legit person is going to say "ahoying, please do
this" in
I get:
Illegal octal digit '8' ignored at /etc/mail/spamassassin/bigevil.cf, rule
BigEvilList_14, line 1.
Illegal octal digit '8' ignored at /etc/mail/spamassassin/bigevil.cf, rule
BigEvilList_14, line 1.
On a lint of this ruleset.
SpamAssassin 2.61 on SuSE 9.0
Andrew Hoying
You need the db-devel pacakge installed first.
Andrew
"Todd Schuldt"
<[EMAIL PROTECTED]
Hello,
Is there any way to include in the information on which whitelist_to/from
or blacklist_from rule hit in Mail::SpamAssassin::PerMsgStatus ->
get_names_of_tests_hit or any other message status method?
Thank you,
Andrew Hoying
---
Thi
12 matches
Mail list logo
