>Graphing spam and ham amounts, with the help of spamstats
>(http://www.gryzor.com/tools), I notice the legitimate
>emails mostly arrive from about 9am, until maybe 7pm, on
>working days.
>
I have written about this and others too. The correct procedure is to
submit some proposed code to the dev
>Here's the HTML:
>
>font color="#ff"
>
This one seems easy to me, but I'm not a programmer. :) Just count the
number of "font color" tags. How about a test that is even more generic
by counting repeating numbers of HTML tags? EXCESSIVE_REPEATED_HTML something
like that.
-
I have been writing these rules to combine various version of words into one
rule. For example:
I start with
/prescription/
and do some minor subs to make
/pr[e3][s5]cr[i1]pt[i1][o0]n/i
Then, add gappies
/p.?r.?[e3].?[s5].?c.?r.?[i1].?p.?t.?[i1].?[o0].?n/i
(Side question, what's a good gap
I would also like to see if this is a useful concept: a time of day rule that
can add a score to mail sent in "the dead of night". This is probably not
universally desired, and maybe should only be a localized setting. That's
fine. What I'd like (for example):
TIMEZONE = Eastern
TIMEOFDAY_1900
>If you read the bug entry, there's a work-arround in there to use a custom
>rule to have the same basic functionality.
>
>http://bugzilla.spamassassin.org/show_bug.cgi?id=883
>
This worked perfectly. Thank you very much. I did two things: Renamed it
for me to LOCAL_BAD_TO_ADDRESS and also adde
There is a function for "whitelist-to" which allows mail to the person in the
"to" field (not exactly, but you get my meaning). What about a blacklist-to?
We have usernames that consistently show up in the to: or cc: for spam, and
we know for sure any mail addressed to those users is spam (the use
