-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Am Monday, 4. March 2002 01:36 schrieb [EMAIL PROTECTED]:
> [root@xxx Mail-SpamAssassin-2.1]# ls
> ChangesREADME contrib ninjabutton.png spamd tools
> MANIFEST.SKIP TODOfixpath.pl qmailspamproxy
> Makefile bl
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Am Monday, 4. March 2002 05:56 schrieb Donovan Lange:
> I recently installed both SpamAssassin and Vipul's Razor. While they each
> work independently, spamassassin apparently has "issues" loading the
> razor_check. In particular, I get the error me
Here's my attempt at improving the LINE_OF_YELLING rule. First I changed it
from a rawbody rule to a body rule. I'm not sure why it was a rawbody rule
in the first place, since that would have HTML markup, non-decoded text, and
such. Then I chaned it from a regular expression to an eval test
I don't know if anyone's suggested this yet, but a "optional" sub-dir could
be added to the rules directory, to which a something like "20_US_centric.cf"
could be put; SUBJ_FULL_OF_8BITS, ROUND_THE_WORLD and so on could be put in
it. Put a prominent note of the optional directory in the README
> I don't know if anyone's suggested this yet, but a "optional" sub-dir could
> be added to the rules directory, to which a something like
> "20_US_centric.cf"
> could be put; SUBJ_FULL_OF_8BITS, ROUND_THE_WORLD and so on could be put in
> it. Put a prominent note of the optional directory in the
-BEGIN PGP SIGNED MESSAGE-
On Sun, 3 Mar 2002, Craig R Hughes wrote:
> I just pushed out the new scores (and a bugfix or two) as 2.11
I know we beat the version numbering horse nearly to death a while
back, but shouldn't this either be 2.1.1 or 2.2 not 2.11 (which I
pronounce as two-poi
> -Original Message-
> From: Matthew Cline [mailto:[EMAIL PROTECTED]]
> Sent: 04 March 2002 06:37
> To: [EMAIL PROTECTED]
> Subject: [SAtalk] check_for_spam_reply_to() questions
>
>
> I'm guessing that there's places that either have different
> TLDs in their
> Reply-To (sent from "foo
On Mon, 4 Mar 2002, Shane Williams wrote:
> -BEGIN PGP SIGNED MESSAGE-
>
> On Sun, 3 Mar 2002, Craig R Hughes wrote:
>
> > I just pushed out the new scores (and a bugfix or two) as 2.11
>
> I know we beat the version numbering horse nearly to death a while
> back, but shouldn't this eithe
My version of libdb seems to be creating different files. My whitelist
directory (in /var/spool/spamassassin) has two files, one a .dir and the
other
a .pag. I have deleted them, re-installed SA and they come back.
check_whitelist
however expects a single .db file... How do I either (a) make SA
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Personally, I love the PGP signature bonus, and I think that should
stay relatively high. I've never seen a piece of Spam with a PGP
signature, and I use them quite a bit myself, as do many other IT
folks. I don't think that Spammers are going to go
On Mon, Mar 04, 2002 at 09:11:23AM -0600, Seth H. Bokelman wrote:
> folks. I don't think that Spammers are going to go through all the
> trouble of obtaining a PGP key and signing their messages just to
> slip one past SpamAssassin.
Playing devil's advocate, all the spammers have to do is add th
I just upgraded my machine to 2.11 from 2.01, and sent a test message to make
sure it was still working.
I thought the results here were strange: I was missing the Subject header (so
MISSING_HEADERS is fine), but I also got SUBJ_ALL_CAPS...
20_head_tests.cf:header SUBJ_ALL_CAPS Subject
On 01 March 2002, Nels Lindquist said:
> One caveat.
>
> E-mail of the form [ "Your Name" <[EMAIL PROTECTED]> ] is legal.
>
> E-mail of the form [ [EMAIL PROTECTED] (Your Name) ] is also legal.
>
> Not knowing much about regexp, I'm not sure if your proposed
> expression handles the second cas
I'm wondering if it might not be possible to add a user module
containing Perl code. Currently, there's a user config which is fine,
but IMHO more flexibility would be a Good Thing.
--
http://www.pricegrabber.com | Dog is my co-pilot.
On 01 March 2002, Matthew Cline said:
> Even if this is a good idea (is it?), I don't know how to go about getting
> the user's email adress. If it's the user who's invoking SA, there might be
> some way to get the info from the environment, but I want to do it in a
> platform independant mann
Tony Hoyle <[EMAIL PROTECTED]> writes:
> My version of libdb seems to be creating different files. My
> whitelist directory (in /var/spool/spamassassin) has two files, one
> a .dir and the other a .pag. I have deleted them, re-installed SA
> and they come back. check_whitelist however expects
On 02 March 2002, Mike Loiterman said:
> Just received a strange email message:
> From: "delbert"
> To: "[EMAIL PROTECTED]"
> Subject: " Did you pray for this?15693"
>
> It is an html message with no clear indication of how it arrived in
> my mailbox as I have no mail account [E
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Sorry about the multiple postings about this topic, but my boss is
really after me to get this working.
I'm trying to set up a local mail account that I can forward messages
to so that they will be reported to the Razor database.
Someone suggested
On Mon, 4 Mar 2002, Greg Ward wrote:
> On 01 March 2002, Nels Lindquist said:
> > One caveat.
> >
> > E-mail of the form [ "Your Name" <[EMAIL PROTECTED]> ] is legal.
> >
> > E-mail of the form [ [EMAIL PROTECTED] (Your Name) ] is also legal.
> >
> > Not knowing much about regexp, I'm not sure if
Not necessarily in more nonspam than spam, but in a significant amount
of nonspam. Raising the scores on these (and I tried with each) will
severely increase the rate of false positives.
C
On Sun, 2002-03-03 at 18:22, Matthew Cline wrote:
> On Sunday 03 March 2002 05:58 pm, Craig R Hughes wrote
On Sun, 2002-03-03 at 18:36, Lars Hansson wrote:
> Isnt this exactly what the RBL's are for anyway? Catch the servers that actually
> ARE open relays as opposed to catching those that, well, might be depending
> on where you are.
The trouble with the RBLs is that they're reactive. This is proac
On Sun, 2002-03-03 at 20:39, Lars Hansson wrote:
> addressspace is only used in China. And no, restructuring the network with
> other IP's is not an option.
Aw, come on, how hard can it be ;)
C
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
http
Razor 1.20 seems to be broken. Apparently Vipul is in India for a while
(is he back yet? I'm not on the razor list), so the current solution is
to downgrade razor to 1.19 then everything works fine.
C
On Sun, 2002-03-03 at 20:56, Donovan Lange wrote:
> First of all, I'd like to thank you guys
On Sun, 2002-03-03 at 21:16, Michael Moncur wrote:
> NEGATIVE SCORES that weren't indended to be:
> (probably by now most of these are just bad rules and should be set to zero)
Setting these to 0 without introducing new nonspam-identifying rules to
replace them will greatly (very greatly) increas
I would strongly recommend against doing it this way -- it will
certainly break when the whitelist DB format changes. I would instead
recommend useing the SA classes and invoking
DBBasedAddrList->remove_entry() -- that method will continue to work
even if the storage format changes.
C
On Sun, 2
Trouble is, I frequently "send from" @hughes-family.org, which if you
reverse map the IP is somewhere in *.dsl.mindspring.net, and my reply to
is set to @stanfordalumni.org -- and then sometimes I have replyto
hughes-family and from "kingbrown.com" where I sometimes work. Or from
"yahoo.com" if I
On Mon, Mar 04, 2002 at 10:22:05AM -0500, Theo Van Dinter wrote:
| On Mon, Mar 04, 2002 at 09:11:23AM -0600, Seth H. Bokelman wrote:
| > folks. I don't think that Spammers are going to go through all the
| > trouble of obtaining a PGP key and signing their messages just to
| > slip one past SpamA
This looks much better. I'll put it in CVS and see how it goes for the
next round of mass-check's. Thanks
C
On Mon, 2002-03-04 at 02:12, Matthew Cline wrote:
> Here's my attempt at improving the LINE_OF_YELLING rule. First I changed it
___
Spamas
> -Original Message-
> From: Daniel Quinlan [mailto:[EMAIL PROTECTED]]
> Sent: 04 March 2002 16:50
> To: Tony Hoyle
> Cc: '[EMAIL PROTECTED]'
> Subject: Re: [SAtalk] How to use check_whitelist?
>
> That's just how it works. Two files make the database. The DBM
> specifies one file that
This one's been around so long, it should be able to drive by now.
However, SA 2.11 only gives it 4.8. How about a Very Special rule for it?
Say:
body40X_40X_40X /40 ?x ?40 ?x ?40 plan/i
describe40X_40X_40X 64000 worth of plan
score 40X_40X_40X 3.0
Al
Still on my TODO list :)
C
On Mon, 2002-03-04 at 04:17, Michael Moncur wrote:
> > I don't know if anyone's suggested this yet, but a "optional" sub-dir could
> > be added to the rules directory, to which a something like
> > "20_US_centric.cf"
> > could be put; SUBJ_FULL_OF_8BITS, ROUND_THE_WORL
I spent about 10 seconds thinking about this after I released it, and
realized I can just call the next one 2.20 and everyone will be happy
snappy.
C
On Mon, 2002-03-04 at 05:15, Shane Williams wrote:
> -BEGIN PGP SIGNED MESSAGE-
>
> On Sun, 3 Mar 2002, Craig R Hughes wrote:
>
> > I ju
I was wondering if filtering on this is a good idea, and as my subject
line is illegible, I'll add a real-life sample
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>,
<[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>
--
Tal Kelrich
PGP Fingerprint: 3EDF FCC5
On Mon, 2002-03-04 at 06:51, Matt Sergeant wrote:
> The RPM should be called 2.1.1 (or 2.1_1), but the perl version is right
> at 2.11.
Doesn't matter if I go to 2.20 next.
C
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourcefo
Just remove the check lines that jm added -- ie check_whitelist becomes:
#!/usr/bin/perl
use warnings ;
use strict ;
use Fcntl;
use AnyDBM_File ;
use vars qw( %h $k $v ) ;
my $db = $ENV{HOME}."/.spamassassin/auto-whitelist";# is this right?
tie %h, "AnyDBM_File",$db, O_RDWR|O_CREAT|O_EXC
Eval tests are your friend. You can call get("To:addr") in there --
search the existing code for examples.
C
On Mon, 2002-03-04 at 08:16, Greg Ward wrote:
> /^dear\s+$local_part/i
>
> ought to be worth a point or so. But I don't see a good way to do
> *that* with a regex. That sort of thin
Thanks Theo,
way to go pointing out tips for the spammers :)
C
On Mon, 2002-03-04 at 07:22, Theo Van Dinter wrote:
> On Mon, Mar 04, 2002 at 09:11:23AM -0600, Seth H. Bokelman wrote:
> > folks. I don't think that Spammers are going to go through all the
> > trouble of obtaining a PGP key and s
On Fri, Mar 01, 2002 at 10:26:49PM -0800, Craig Hughes wrote:
> I also think DCC is possibly more promising than razor -- last time I looked
> at it (increasingly long time ago now) DCC looked a bit immature though.
> Stick a feature request in bugzilla though and I'll take a look again soon.
I,
Hi
Does SA support (or can we add support) for processing a directory that
has multiple messages to be reported?
I want to be able to run spamassassin -r and pass a directory path... that
would simplify processing a number of messages.
I'm integrating spamassassin into a webmail service that is
On Mon, Mar 04, 2002 at 10:00:20AM -0800, Craig Hughes wrote:
> way to go pointing out tips for the spammers :)
I try not to underestimate my enemies -- I think the spammers would have
figured this one out on their own. ;)
--
Randomly Generated Tagline:
"Smoking kills. If you're killed, you've
On Mon, 2002-03-04 at 08:38, Greg Ward wrote:
> [1] OK, OK, I thought of an idea: send a message to a special cooked
> address that you (the programmer) control; for SA, it might be
> "[EMAIL PROTECTED]". A script behind this address
> would record everything it can think of about thi
On Mon, Mar 04, 2002 at 10:05:25AM -0800, Ricardo Kleemann wrote:
> Does SA support (or can we add support) for processing a directory that
> has multiple messages to be reported?
>
> I want to be able to run spamassassin -r and pass a directory path... that
> would simplify processing a number o
Apparently it was sort of our fault -- there used to be a problem with
Razor resetting $/ or something, and now it doesn't any more, and our
workaround broke something apparently. Anyway, I've patched the problem
in CVS.
See http://bugzilla.spamassassin.org/show_bug.cgi?id=79 for more
details.
Already there. Check the *SUSP* rules.
C
On Mon, 2002-03-04 at 09:45, Tal Kelrich wrote:
> I was wondering if filtering on this is a good idea, and as my subject
> line is illegible, I'll add a real-life sample
>
> To: <[EMAIL PROTECTED]>
> Cc: <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>,
><[
The new line of yelling stuff should push this over the top.
C
On Mon, 2002-03-04 at 09:49, Daniel Rogers wrote:
> This one's been around so long, it should be able to drive by now.
>
> However, SA 2.11 only gives it 4.8. How about a Very Special rule for it?
> Say:
>
> body40X_4
On Mon, 2002-03-04 at 10:16, Theo Van Dinter wrote:
> handlespam `find -type f`
Beware of exceeding the line length your shell accepts though if you do
it this way!
C
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforg
On Mon, Mar 04, 2002 at 10:28:27AM -0800, Craig Hughes wrote:
> On Mon, 2002-03-04 at 10:16, Theo Van Dinter wrote:
> > handlespam `find -type f`
>
> Beware of exceeding the line length your shell accepts though if you do
> it this way!
find -type f -exec handlespam {} && rm -f {} \;
will
On 04 March 2002, Matt Sergeant said:
> "Dear matt"
But your local part is "msergeant", I just checked! How much real mail
do you get that says "Dear msergeant"?
> Doesn't work for me, sorry... I actually see the presence of "dear ..."
> where "..." isn't sir or madam or any other generic term
Greetings,
Using perl 5.6.1,gcc 3.0.3, to build the latest version of SA, I get the
following errors
when trying to build spamd:
.
gcc -fno-strict-aliasing -I/usr/local/include -D_LARGEFILE_SOURCE
-D_FILE_OFFSET_BITS=64 -O spamd/spamc.c \
-o spamd/spamc -L/usr/local/lib -lsocket -lns
I've perused the razor list archives and my take is that they will
release the server daemon once they deal with the trust issues. They
don't want to have spammers setup a server and go thru and delete all
the hashes from the database.
Besides what difference does it make. If you are using Spam
On Mon, Mar 04, 2002 at 02:29:14PM -0500, Rose, Bobby wrote:
> I've perused the razor list archives and my take is that they will
> release the server daemon once they deal with the trust issues. They
> don't want to have spammers setup a server and go thru and delete all
> the hashes from the da
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Am Monday, 4. March 2002 04:01 schrieb Duncan Findlay:
> > Interesting negative scores:
> > score INCREASE_SALES -1.273
> > score CASHCASHCASH -0.839
> > score OPPORTUNITY-0.651
(...)
> And even if
On Mon, Mar 04, 2002 at 11:59:26AM -0800, Scott Doty wrote:
> On Mon, Mar 04, 2002 at 02:29:14PM -0500, Rose, Bobby wrote:
> > I've perused the razor list archives and my take is that they will
> > release the server daemon once they deal with the trust issues. They
> > don't want to have spammer
They've started using foreign languages now... a spam that just got
through all my filters contained the following at the end:
--
De acordo com as diretivas aprovadas no 105o Congresso de Base
Normativas Internacionais sobre SPAM, Seção 301, Parágrafo (a) (2) (c)
Decreto S. 1618, Título Terce
Tony Hoyle writes:
>They've started using foreign languages now... a spam that just got
>through all my filters contained the following at the end:
>
>--
>
>De acordo com as diretivas aprovadas no 105o Congresso de Base
>Normativas Internacionais sobre SPAM, Seção 301, Parágrafo (a) (2) (c)
>De
The one I see a lot that gives me the Publisher's
Clearing House customized warm fuzzy is a customized
subject. I've never seen a customized dear that I can
remember. I see a lot of subjects like:
Hello, kerry_nice, get your free porn here
I wouldn't be sure how to write something like that,
ma
I just upgraded to the new 2.11
release, using spamd and spamc with MySQL, and after upgrading now I cannot seem
to get spamd to lookup the SQL databases and cannot find any output concerning
SQL in the Debug output, or in the mysql log!
Am I missing something
obvious?
Thanks in advance.
Were you upgrading from 2.1? Very little changed from 2.1 to 2.11,
certainly none of the DB connection/lookup stuff. Double check your
installation to make sure everything's still in the right places. Maybe
try re-downloading and doing a make install again.
C
On Mon, 2002-03-04 at 14:02, Jay
Folks,
I'm trying to make a webpage where my users can submit SPAM, click a
button, and it's automagically router to sightings and spamcop.
Well, when I test this with a recent spam that slipped through, I
found that SF is reject mail based on bogus "From:" headers.
Generally, that's
No, I was upgrading from 1.5.
Thanks,
Jay Hodges
Draco Digital, LLC
http://www.dracodigital.com
http://www.luv2goshop.com
- Original Message -
From: "Craig Hughes" <[EMAIL PROTECTED]>
To: "Jay Hodges" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Monday, March 04, 2002 5:18 PM
Subje
On 04 March 2002, Donald Greer said:
> I'm trying to make a webpage where my users can submit SPAM, click a
> button, and it's automagically router to sightings and spamcop.
> Well, when I test this with a recent spam that slipped through, I
> found that SF is reject mail based on bogus "Fro
Tony Hoyle wrote:
> They've started using foreign languages now...
Now? Now? I've been getting spam in Spanish, Portuguese, French, German,
Chinese, and Japanese for a while now. I've even started getting spam on
my phone (AT&T allows e-mail access for short messages). I have to
admit, the w
On Mon, Mar 04, 2002 at 09:50:56AM -0800, Craig Hughes wrote:
> I spent about 10 seconds thinking about this after I released it, and
> realized I can just call the next one 2.20 and everyone will be happy
> snappy.
>
I named 2.1 as 2.10 for Debian. It's a bit wierd at first, but you get used
to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
How do you determine what version is running? I ran it with -D but I
saw no mention of the version number.
I have been just installing the new one on top of the old one, so I'm
not sure what version I'm actually running.
Mike Loiterman
[EMAIL PRO
I have proposed a patch to limit the number of children spawned by spamd. It
can be reached at http://bugzilla.debian.org/showattachment.cgi?attach_id=3
In order to make the patch, I had to remove a line saying 'important: avoids
perl sighandling bug on BSD'
I imagine that the new sighandler is
On Monday 04 March 2002 04:06 pm, Mike Loiterman wrote:
> How do you determine what version is running? I ran it with -D but I
> saw no mention of the version number.
Run with the "-h" option for help, and the version number will be in the last
line of the output.
--
Visit http://dmoz.org, t
Greetings!
Spamassassin is cool; thanks! In the few days its been installed for me,
my spam has gone down quite a bit. Nice.
A quick thought about the FAQ[1]: In the bit about "How do I report a
spam to Razor?" it would be nice to mention that spamassassin -d strips
the headers and inline modifi
>Doesn't work for me, sorry... I actually see the presence of "dear ..."
>where "..." isn't sir or madam or any other generic term as a sign that
>it's likely not spam. For certain most spammers aren't going to want to
>send emails having: "Dear 42fudge82323" where the recipient is
>[EMAIL PROTECT
Me thinks it would even be a good thing is SA could verify the signature :)
But where to get the key from?
Olivier
> | Playing devil's advocate, all the spammers have to do is add the text:
> |
> | -BEGIN PGP SIGNATURE-
> |
> |
> | They don't actually have to sign anything. Put it at t
Tony,
There are 3 or 4 versions of DB out in the wild, some quite old, some
newer.
The one with .dir .pag is old if I remember well, maybe you need to
install something newer.
Olivier
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists
Forward the original mail as a MIME message/rfc822 attachment
C
On Mon, 2002-03-04 at 15:37, Donald Greer wrote:
>Folks,
>I'm trying to make a webpage where my users can submit SPAM, click a
> button, and it's automagically router to sightings and spamcop.
>Well, when I test this wi
On Tue, Mar 05, 2002 at 08:49:10AM +0700, Olivier Nicole wrote:
> Me thinks it would even be a good thing is SA could verify the signature :)
>
> But where to get the key from?
>
Please don't verify the signature. Some things are best left to the MUA.
Verifying takes a LONG time, in some cases
Alternatively look at the X-Spam-Status header that SA inserts -- it
tags each message with its version number.
C
On Mon, 2002-03-04 at 16:30, Matthew Cline wrote:
> On Monday 04 March 2002 04:06 pm, Mike Loiterman wrote:
>
> > How do you determine what version is running? I ran it with -D but
I had the perlipc manpage signal handler in there in the first place,
and it had to be replaced with the one you just re-replaced. Definitely
would be good to have a number of BSDers hammer on this patch before I
roll it in. Otherwise, I could roll it in with a giant "Don't use -m on
BSD" warnin
On Mon, Mar 04, 2002 at 10:28:27AM -0800, Craig Hughes wrote:
| On Mon, 2002-03-04 at 10:16, Theo Van Dinter wrote:
| > handlespam `find -type f`
|
| Beware of exceeding the line length your shell accepts though if you do
| it this way!
FWIW, cmd.exe (windows) has a _very_ short line length
I agree. Verifying is probably overkill, and definitely slow, and the
MUA's job. Actually, probably not the MUA's job, but the MUA should
call something to do the job.
C
On Mon, 2002-03-04 at 18:01, Duncan Findlay wrote:
> On Tue, Mar 05, 2002 at 08:49:10AM +0700, Olivier Nicole wrote:
> > Me
Actually, it was a different sig handler from the same manpage, IIRC.
Don't use -m on BSD might be wise anyways, since essentially, my patch
simply allows connections to pile up without accepting them, until we have
the resources to handle them. I believe SOMAXCONN is 5 on BSD, so if you get
11 m
On Mon, Mar 04, 2002 at 09:01:45PM -0500, Duncan Findlay wrote:
| On Tue, Mar 05, 2002 at 08:49:10AM +0700, Olivier Nicole wrote:
| > Me thinks it would even be a good thing is SA could verify the signature :)
| >
| > But where to get the key from?
| >
|
| Please don't verify the signature. Som
>Please don't verify the signature. Some things are best left to the MUA.
>Verifying takes a LONG time, in some cases. My MUA also verifies. Does it
>make sense for both to do so?
OK then only check that the thingy bellow BEGIN PGP SIGNATURE---
is a valid signature. That should be quick.
Oli
On Mon, Mar 04, 2002 at 09:10:56PM -0500, I wrote:
> Actually, it was a different sig handler from the same manpage, IIRC.
>
Errr... now I remember. I think that the sighandler for SIGCHLD blocks any
new SIGCHLDs from occuring, meaning (as I interpret it) SIGCHLD doesn't get
re-executed. The sig
On Tue, Mar 05, 2002 at 09:20:22AM +0700, Olivier Nicole wrote:
> >Please don't verify the signature. Some things are best left to the MUA.
> >Verifying takes a LONG time, in some cases. My MUA also verifies. Does it
> >make sense for both to do so?
>
> OK then only check that the thingy bellow -
> > OK then only check that the thingy bellow BEGIN PGP SIGNATURE---
> > is a valid signature. That should be quick.
> I think validate = verify.
It does not need to be the same.
For example it does not need to have the public key of the one
signing, nor it needs to calculate the hash for th
On Tue, Mar 05, 2002 at 09:55:25AM +0700, Olivier Nicole wrote:
> > > OK then only check that the thingy bellow BEGIN PGP SIGNATURE---
> > > is a valid signature. That should be quick.
> > I think validate = verify.
>
> It does not need to be the same.
>
> For example it does not need to hav
> > It would need to check that the strings between BEGIN and END is in a
> > proper format that belongs tp PGP, even if PGP cannot finish
> > validating the signed text.
>
> And what is that format?
Well I have no idea, I beleive that could be solved by a call to PGP,
where PGP would abort say
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Here's a signed message for your tests.
- --
Greg Leffler| GPG Key Fingerprint (ID 0x5C49D3CA)
http://greg.louisville.ky.us| 2845 598C 879C 8B73 0EAB
[EMAIL PROTECTED] | 8DA1 7579 C1B6 5C49 D3CA
GPG Key available at the UR
Thanks the result is bellow, where sig is a file containing the
signature (from BEGIN PGP SIGNATURE to END PGP SIGNATURE) and
broken.sig is the same file where I deleted one byte.
Even if PGP (my version is quite old) cannot do anything with the
signature, it can assess that the signature is poss
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Weird, for some reason my PGP said your signature was bad on that
message.
Here's one signed by me! :)
- -Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of
Greg Leffler
Sent: Monday, March 04, 2002 9:51 PM
To:
On Tue, Mar 05, 2002 at 10:43:38AM +0700, Olivier Nicole wrote:
> > > It would need to check that the strings between BEGIN and END is in a
> > > proper format that belongs tp PGP, even if PGP cannot finish
> > > validating the signed text.
> >
> > And what is that format?
>
>
> Well I have no
I just reorganized my network topology, and to verify my port
forwarding, I sent myself a message. The SMTP session looks like
(done via telnet) :
MAIL FROM: <[EMAIL PROTECTED]>
250 <[EMAIL PROTECTED]> is syntactically correct
RCPT TO: [EMAIL PROTECTED]
250 <[EMAIL PROTECTED]> verified
DATA
354
Here's a slight refinement to the WORK_AT_HOME rule, designed to catch a spam
that slipped through today with the variation "working at home". I also changed
it to be case-insensitive.
body WORK_AT_HOME /(?:(?:WORK|MAKE (?:MONEY|\${1,})|WORKING)
(?:AT|FROM) HOME|HOME.?WORKER)/i
desc
* Duncan Findlay <[EMAIL PROTECTED]> [2002-03-04T20:19-0800]:
> This is signed - mutt style. (I'm not really sure how this turns out in
> other MUA's. I think it's a multpart mime message.
multipart/signed, and apparently not matched by the rawbody
PGP_SIGNATURE rule in SA 2.11. Maybe an additio
Razor doesn't care about headers only the message body. Message headers
are not unique (dates, froms, tos, relays would be different for
everyone)and would generate a different hash.
The word hi has probably been registered by someone just like test.
-Original Message-
From: dman [mail
Hrmm, even better would be the following header check, which should be
faster to process and harder to fake:
header PGP_MIME_SIGNATURE Content-Type =~ /multipart\/signed;
micalg.*application\/pgp-signature"/s
describe PGP_MIME_SIGNATURE Contains PGP-signed MIME attatchement
Due to every m
On Mon, 4 Mar 2002, dman wrote:
> On Mon, Mar 04, 2002 at 09:01:45PM -0500, Duncan Findlay wrote:
>| On Tue, Mar 05, 2002 at 08:49:10AM +0700, Olivier Nicole wrote:
>| > Me thinks it would even be a good thing is SA could verify the
>| > signature :)
[...]
> As I haven't figured out how to use g
On Mon, 4 Mar 2002, Greg Ward wrote:
> On 01 March 2002, Matthew Cline said:
>> Even if this is a good idea (is it?), I don't know how to go about
>> getting the user's email adress. If it's the user who's invoking SA,
>> there might be some way to get the info from the environment, but I
>> want
95 matches
Mail list logo
