I have been seeing 'byte count boosting' where spammers fill type emails with large sets of meaningless
garbage (e.g 'asdlfkjl lksdjf lkajsdf') to up the byte count of their
messages. This enrages me because I drop all messages with '
I am wanting to write a framework with the features below for my corporation
as an upgrade to our current spam blocking solution. I would suggest them
as ideas for SpamAssassin v3.
Create a framework where the message comes into the daemon and is translated
to 'feeds' by 'feed modules' aka prepro
I use version 2.55. Adding these three lines did the trick for me. Of
course 999-99 will be whatever number you were assigned when you
registered.
header RCVD_IN_TRUSTIC eval:check_rbl('isp',
'999-99.query.trustic.com')
describe RCVD_IN_TRUSTIC
score RCVD_IN_TRUSTIC 2.0
-
Yes. I having been using Bayes since about the day Paul Graham published
his algorithm. I have always hand picked messages I knew where spam
(trollboxes) or ham (hand picked). I found that filter, which I still
maintain, was so much more effective than SA autolearn, that I disabled SA's
bayes fi
I've been running a Bayesian filter at my company about since Paul Graham
published his paper. Lack of ham will result in some false positives where
messages that are not spam are marked incorrectly as spam. There is a
diminishing point of return to adding ham, but I haven't found it yet. I do
k
Personally, I am in favor of a new list devoted to the discussion of rules.
I don't and can't keep up with the volume of this list, but I am very
interested in rule ideas and have a few I would like to discuss.
Fox
- Original Message -
From: "Robert Menschel" <[EMAIL PROTECTED]>
To: "Nich
I have a rule to find any 'a href' followed by an 'img src' later in the
message, but I am getting nothing, which baffles me (and I am not a regex
newbie).
rawbody HTML_CLICKABLE_IMAGE /a href.*?img src/i
score HTML_CLICKABLE_IMAGE 1.00
I am using SA 2.55 and have run the --lint check, and verifi
Bayesian filtering and the cruft words they add
at the bottom now. The more flexible and intelligent SA is though, the more
difficult we can make it for spammers to construct spam.
Fox Flanders
---
This SF.Net email sponsored by: Free pre-bu
I blame SpamAssassin for these Bayes bypassing tricks. I had a custom Bayes
solution working many months before it appeared in SpamAssassin. There was
none of this bypassing crudola happening until SpamAssassin popularized
Bayes :)
Now I get messages with a spam text/html mime part and the Decla
We need a prounouncability test of the sender addresses. If it has a bunch
of ixf38jk3 crud in it, it is more likely to be spam.
---
This SF.Net email is sponsored by: INetU
Attention Web Developers & Consultants: Become An INetU Hosting Partn
2.55 today, 2.54 yesterday.
Fox
- Original Message -
From: "Tony Earnshaw" <[EMAIL PROTECTED]>
To: "Fox Flanders" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Monday, June 16, 2003 1:34 PM
Subject: Re: [SAtalk] Help needed blocking HTML_IM
, for instance HTML_IMAGE_ONLY, and REALLY_OBVIOUS_SPAM_ID_STRING.
I will see what I can do to write said rules, but having never written SA
rules, it may take me a while. Anybody already done this? Let me know.
Thanks,
Fox Flanders
SpamAssassin Results:
This mail is probably spam. The ori
12 matches
Mail list logo
