I believe the idea is right but your example is wrong. 4.92 rounds to 4.9,
not to 5.0
It may have been any number between 4.95 and 4...., say 4.983
> I think the hits= is a rounded number. So it may have been
> 4.92 for example.
>
> >>> "Chris Barnes" <[EMAIL PROTECTED]> 01/30/04 11:42AM >
are numerous Outlook add-ins that can do various things
to detect spam. Does anyone have experience with any of these that they can
share with me? I'd like to avoid paying any money. She does have a
high-speed always-on internet connection if bandwidth comes into play.
Matthew van Eerde
S
I would guess this is normal. Think of things like Message-Id's, vs. common
words like "the" which will appear very many times.
> -Original Message-
> From: Alexander Litvinov [mailto:[EMAIL PROTECTED]
> Sent: Saturday, December 13, 2003 10:10 AM
> To: [EMAIL PROTECTED]
> Subject: [SAtalk
> > > I agree. It seems funny to do a check for SPAM and not do
> > > any sort of check for open relay.
>
> I'm no expert on Received headers, but:
>
> Received: from 212.214.136.47 (EHLO smtp-fe2.ballou.se)
> (212.214.136.47) by mta128.mail.sc5.yahoo.com with SMTP; Thu,
> 11 Dec 2003
>
I get the "justified" part of your rule, but what about the rule references
HTML? I'd consider renaming your rule to JUSTIFIED_74_EQUAL or some such.
> -Original Message-
> From: Regis Wilson [mailto:[EMAIL PROTECTED]
> Sent: Friday, December 12, 2003 9:35 AM
> To: [EMAIL PROTECTED]
> Sub
> >I'm just curious. I've NEVER seen Yahoo! tagged bulk email
> with SA tags.
>
> Odds are the open relay that the spammers sent the mail
> through was running SA.
>
> Yes, you'd think anyone using SA would check for open relay,
> but it does
> happen.. I've gotten spam like this before.
Hm
This may be redundant to the existing rule:
2.4 HTTP_ESCAPED_HOST URI: Uses %-escapes inside a URL's hostname
> -Original Message-
> From: Larry Gilson [mailto:[EMAIL PROTECTED]
> Sent: Thursday, December 11, 2003 11:47 AM
> To: 'Fred'; Spamassassin-Talk (E-mail)
> Subject: RE: [SAtal
It'll need to be a little more general than that. The way I read the
vulnerability, any non-printing character will cause the bug, not just %01.
Also, it doesn't have to immediately precede the @ - anywhere before the @
will do.
For example - I don't have an ASCII chart handy, but suppose %03 is
W/O BCC the best thing is to recode the CGI script to send individual emails
to each recipient rather than sending them all at once.
For example, instead of:
my $to_everybody = '[EMAIL PROTECTED];[EMAIL PROTECTED];[EMAIL PROTECTED]';
my $result = &send_mail($from, $to_everybody, $subject, $messa
There's a lot of possibilities:
/V.?i.?a.?g.?r.?a/i will catch things like viagrra
/(V|\\/)(i|1|l)(a|\@)gr(a|\@)/i will catch leet-isms like \/[EMAIL PROTECTED]@
(off-hand
I don't know the leet-ish for "g" or "r"
When these start to get really broad though there is the potential for false
positi
10 matches
Mail list logo
