From: Jonathan Nichols <[EMAIL PROTECTED]>
Date: Fri, 30 Jan 2004 10:10:43 -0800
>Some of these spams are *so* mixed up that I have absolutely no idea
>what they're even trying to hawk in the first place. It might as well be
>written in Klingon.
I just put up a private webmail for our clients.
From: "Jennifer Wheeler" <[EMAIL PROTECTED]>
Date: Mon, 22 Dec 2003 15:01:25 -0500
>http://www.emtinc.net/spamhammers.htm
Indeed, yours was one of the places I *had* looked.
Forgive me if I'm confused, but it seems that your
rules are looking for a variety of tag patterns.
E.g. frobnozdigibbet a
Probably haven't look hard enough, but has anyone
used a rule to detect (real or pseudo) HTML tags
embedded in text. Ostensibly they're there to
throw off bayes and other pattern matchers.
I just put up:
rawbody TAG_IN_TEXT /[a-zA-Z0-9]+\<\/*[a-zA-Z0-9]*\>[a-zA-Z0-9]+/
describe TAG_IN_TEX
FWIW, I noticed some interesting Reply-to: addresses in these.
That combined with a very reasonable looking From:, led me to
believe they were trolls for "I'm so sorry" replies from folks
trying to help the hapless email user who sent an empty email.
That is, an attempt to validate that a human is
Greetings,
I'd like to increase the score for certain bayes
confidence levels. My understanding is that I
need to put one (or more) of these lines from
/usr/locals/hare/spamassassin/23_bayes.cf:
body BAYES_60 eval:check_bayes('0.60', '0.70')
body BAYES_70 ev
Amavisd-new has a feature that you can enable viz:
if SPAM then transform [EMAIL PROTECTED] -> [EMAIL PROTECTED]
Then your delivery agent can refile it on the fly.
Alternatively, you can do this yourself by either hacking the
maildeliver or placing a script in the pipeline (or by writing
Greetings,
Anyone know the magic to get spamc to operate as
spamassassin re: spamassassin --exit-code ?
just replacing spamassassin with spamc doesn't
do it in my mail delivery script. I need to
use a different script path if spam, and although
spamc < msg > newmsg
if spamc -c
