AOL IM
Maybe its an ichat only thing -- because everyone i know running iChat
gets 10+ AOL IM spams a day. I'm averaging 15.
On Dec 11, 2003, at 1:00 PM, Evan Platt wrote:
--On Thursday, December 11, 2003 12:52 PM -0500 Jonathan Vanasco
<[EMAIL PROTECTED]> wrote:
Anyone think o
Anyone think of trying to do this yet? Hijacking ims and routing them
through SA... I get way too many spam ims every day.
---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills. Sig
Find out where they live.
Keep a registered databse of names + addresses online.
Advertise on google w/spam as a keyword "kill a spammer hitlist.com"
Eventually, some nut will show up at someone's house with a baseball
bat or explosives.
You'll totally skirt any accessory charges if it goes to
Check the archives -- there may be a sendmail hook to do this.
I know for a fact you can do this with Exim via the sa-exim patch.
(sa-exim.sf.net)
A similar postfix project was discussed a month or so back. I believe
a sendmail one was too.
On Thursday, October 9, 2003, at 10:56 AM, Fabiano
Nope. None of those.
It was for 1 person, cost like $25 a year, and left people enroll a
domain then manage multiple aliases to handle overspammed addresses.
Can't remember the name -- the closest thing to it i've found is
simplicato
On Tuesday, October 7, 2003, at 09:40 PM, Larry Gilson wro
I remember seeing a while back an anti-spam email-only host.
It had a crazy name, and worked like this:
you have your mx point to their machine, and webmail/imap handles
multiple aliases so you can track/monitor/disable
it was something like $25 a month, including domain -- anyone remember
thi
If that's the case, why not right Jerry Fallwell a letter about
Verisign's unchristian activities, and get the bible belt on their ass?
I'd like to see them respond to a camera crew and evangelist asking
them:
"Exactly why do I see a verisign ad when I visit ___"
Fill _ with:
v
well, that will match that string in the body..
but it should also match not having an attachment to return true.
On Tuesday, September 2, 2003, at 01:39 PM, Chris Santerre wrote:
-Original Message-
From: Jonathan Vanasco [mailto:[EMAIL PROTECTED]
Sent: Tuesday, September 02, 2003 1
variant on sobig rules,
I'd like to have a rule for messages without attachments, if their body
contains "See the attached file for details"
The messages are multipart with one text/plain part
this would match sobig messages where the virus has failed to attach
itself
---
How can you suggest incorporating a PGP into the ruleset though?
You can check if its a valid length, but then spammers will use valid
PGP sigs.
You can't pointify all PGP sigs, because lots of valid mail is signed
w/a PGP
So you can either:
Remove the negative points for PGP sigs -- essential
maybe there could be some sort of compromise within the mta system...
unknown senders are 'rejected', or at least appear to be -- in all
actuality they are delivered as normal (run though filters though).
outgoing email addresses/domains are whitelisted from fake reject
messages. retry attemp
sort of.
first you scan/tag it... then:
if you're processing post-mta, send it to /dev/null
if you're processing pre-mta, have the mta reject/discard mail above a
threshold
On Monday, June 23, 2003, at 03:33 AM, Martin Sarajervi wrote:
Is there no way to nuke the spam instead of tagging it?
oh.. so its still in there, but as a modified, improved, form -- not
completely taken out.
thats what i thought was posted.
On Friday, June 20, 2003, at 03:11 PM, Daniel Quinlan wrote:
Jonathan Vanasco <[EMAIL PROTECTED]> writes:
Any reason for this, or are we to use custom rules for th
do you have an example of a dummy message? just curious.
On Friday, June 20, 2003, at 11:24 AM, Luis HernĂ¡n Otegui wrote:
Do you have any proof about that last point? I don't think spammers
ever examine bounces, or do any sort of management on their lists
whatsoever. It would simply add to the
Any reason for this, or are we to use custom rules for that?
On Thursday, June 19, 2003, at 10:45 PM, Daniel Quinlan wrote:
Jonathan Vanasco <[EMAIL PROTECTED]> writes:
body Image tag with an ID code to identify you
HTML_WEB_BUGS0.542 0.100 0.100 0.100
does that trap
what mta are you running? have procmail?
there's a million ways to do it.
On Thursday, June 19, 2003, at 06:15 PM, Matthew Thomas wrote:
Greetings,
I recently got SpamAssassin 2.55 running with MIMEDefang. I'd like to
temporarily (say over a weekend), send mail marked as spam to a spam
mailb
body Image tag with an ID code to identify you
HTML_WEB_BUGS0.542 0.100 0.100 0.100
does that trap
http://blank.gif?id=123123";>
---
This SF.Net email is sponsored by: INetU
Attention Web Developers & Consultants: Become An
n Thu, 2003-06-19 at 20:41, Jonathan Vanasco wrote:
having any html comments at all pretty much signifies spam
or normal email between a couple of web designers.
--
Yorkshire Dave
---
This SF.Net email is sponsored by: INetU
Attention Web Devel
On Thursday, June 19, 2003, at 01:00 PM, Pierre Bacquet wrote:
* some high scores when there are too many HTML comments (with
meaningless
contents) or very long ones made of consecutive chars without any
space.
having any html comments at all pretty much signifies spam
do spamassassin rules wo
no, this guy takes the cake
http://www.theregister.co.uk/content/51/31270.html
---
This SF.Net email is sponsored by: INetU
Attention Web Developers & Consultants: Become An INetU Hosting Partner.
Refer Dedicated Servers. We Manage Them. You G
I've been looking at Sugarplum spam poison and teergrube/tar pitting,
but
the gurus on this list seem to thing neither is a good thing.
fuck that. how about this?
1) hack their server
2) upload a shitload of metallica tracks
3) call the riaa
---
look into replacing exim with sendmail, and use spamd instead of
spamassassin, thats my idea.
you're saving some overhead on machine 1 by moving spamassassin off it
-- but then you're creating more processes for future deliveries. i
dont know if you'd be saving enough overhead to warrant that.
i've got a similar thing running SA-exim
i only run sitewide - i'm not offering individual users their own prefs
(we're a small company)
so, spamd is running with /etc/spamassassin/local.cf as the local
configuration file
in there, i have these lines for bayes:
##
## Bayes
##
# Enable the Bay
some spam has gotten though lately with characteristics like the
following:
1)
EMVJJIUHXRHCKNQIULFTQGTMGLWWSNDDRJVGKMDGXSKATVUPOITCMYWOTFHMRJDQKJDPVTHC
OTGVCU-3809950
2) a{LOCAL_PART}o{LOCAL_PART}e
3) d y e w e e v l p t u?
w c y c y s j t k s d?
4) Unsubs.cribe
5) kcv yuekaxgymqfur b
In my exim setup (using sa-exim) i scan incoming mail, and have the spam status by the time i route it to the appropriate address. That said, i can just delete it or deliver it, or even reject it based on the level.
I don't know if anything similar exists for postfix... BUT you could have a stan
Thanks to all!
On Thursday, June 5, 2003, at 03:48 PM, Many People wrote:
---
This SF.net email is sponsored by: Etnus, makers of TotalView, The best
thread debugger on the planet. Designed with thread debugging features
you've never dreamed
Call me crazy...
I'd love to run an app/script/whatever to send me spam
I need to test what my new system is doing with high ranking spam --
(my current check is for 10 points)
forwarding mail from my old system lowers points, waiting for spam to
come in by slutting a test address around the i
Sounds dumb, but I've got the razor check specified in the spamassassin
configuration file, and I've got it naming a specific razor file for
sitewide filtering too
only problem is, i can't seem to figure out if its actually running it
or not -- anyone know how to tell?
Someone high up in my company writes email exclusively in all-caps,
utters countless profanities, and has been known to use more than five
consecutive exclamation points on a regular basis.
That said, his emails score ridiculously high on the standard
spamassassin tests.
I could whitelist his
almost there.. .you missed 1 line
#chkconfig --add spamd;
#chkconfig --levels 2345 spamd on
On Thursday, May 29, 2003, at 11:22 AM, John Lang wrote:
Good morning. I'm probably going to get flamed for asking this...
I'm running SA on RH7.3 w/sendmail.
SA was installed from the bianaries. I hav
30 matches
Mail list logo
