How about this?
BODY dottywords /[a-z]\.[a-z].+[a-z]\.[a-z].+[a-z]\.[a-z].+[a-z]\.[a-z]/is
Probably not too efficient, and completely untested, but it should match
messages with 4 or more d.ott.y w.or.ds
At 10:56 AM 5/24/2003 -0700, lindsay adams wrote:
I just got a piece of pr0n spam that had
I am starting a collection of "hype" words that I can use in conjunction
with other tests to boost scores and reduce false positives. The idea
works like this: If you have an email with the words "pain relief", I
would give it a small score, because that phrase could occur in a
legitimate ema
At 09:58 AM 6/16/2003 -0400, Chris Santerre wrote:
This isn't a request, more an open discussion.
Would it be good to program a default counter function in SA so that users
may custom write rules using it. IE a simple function call in SA called
'counter' instead of header. Then you simply feed i
I ran into the same problem today, and came here looking for a solution. I
think it would be a good feature to allow users to disable AWL for certain
email addresses specified in the user_prefs file.
It would be easy to implement. Can anyone see any downside to doing so?
Chris Eykamp
At 10:4
Hello,
I've implemented a Bayesian filtering scheme on my system that runs
concurrent with SpamAssassin. It works really well, but I am starting to
think there is an easy attack that would render the filtering useless.
What if, at the end of every message, spammers appended a list of a
thousa
Of course, SA could be easily modified to remove any pre-existing
X-Spam-Flag headers before writing its own...
At 05:24 PM 11/18/2002 -0500, Philip Mak wrote:
On Mon, Nov 18, 2002 at 02:02:59PM -0800, Bob Amen wrote:
> Slightly off topic but... I got the attached piece of spam today
> with two
At 04:40 PM 11/20/2002 +, Matt Sergeant wrote:
Sean Redmond said the following on 20/11/02 16:16:
Matt Sergeant wrote:
Plus, their pitch would be so buried in all the fluff that you
wouldn't be able to find it unless they made the the linuxy text very
small or white-on-white or clear, an
At 01:24 PM 11/20/2002 -0600, Bob Apthorpe wrote:
Hi,
On Wed, 20 Nov 2002, Christopher Eykamp wrote:
> At 04:40 PM 11/20/2002 +, Matt Sergeant wrote:
> >Argh. Lingo breakage. I meant probability. The way bayes works is you get
> >all the probabilities and combine th
This would work well most of the time, but I have been getting spam with
the return address of others on my domain to whom I regularly send
mail. That is, the spammers are trolling their address database and using
people I likely know as the return address. Your scheme would let these
message
5, 2002, at 10:52 US/Pacific, Christopher Eykamp wrote:
This would work well most of the time, but I have been getting spam with
the return address of others on my domain to whom I regularly send
mail. That is, the spammers are trolling their address database and
using people I likely know a
Would it make sense to do a Bayesian analysis using not only on individual
words, but also the SpamAssassin regex tests in order to detect phrases and
patterns that would be missed using a naive word-by-word analysis? And if
that worked, would it then not make sense to discard the standard SA
I've got over 700 lines of custom rules in my user_prefs file, and it
generally works very well. But there are times when I find myself writing
the same rule over and over again, with slight variations. For example:
uri AmericaMessage /America-message/i
score AmericaMessage 3
describe Amer
I use this:
# This is a reformulation of standard test VERY_SUSP_RECIPS
header SimilarToNames ToCc =~ /\b([a-z][a-z])[^@,<>\(\)
]{0,20}(@[-a-z0-9_\.]{2,4}).{0,80}?(?:\1[^@,<>\(\) ]{0,20}\2.{0,80}?){2,}/is
describeSimilarToNames To: and Cc: contain similar
use
Wouldn't you be better off using a URI test rather than RAWBODY?
At 08:06 PM 2/10/2003 -0500, Matt Kettler wrote:
Although I'll warn you that such a rule is also likely to fire off on a
lot of nonspam mail, as this is common in a LOT of URLs using scripting,
the rule you desire would be someth
I am pretty good at regex, but am stumped by this seemingly easy problem:
How can I match the following: "s\.ex" and "se\.x" and "s\.e\.x" but not
"sex" without including all the possible permutations? Is there an elegant
solution?
Thanks,
Chris
Hello,
I am trying to upgrade to SA261. Unfortunately, the server processing my
mail does not let me create executables with gcc, so I am unable to go
through the standard SA install process. (Fails at "make Install".) Does
anyone out there have any ideas on how I can get SA up and running wit
. not root). Try those guidelines/directions and see if that helps.
Also, when you say upgrade you mean that it's already installed on the box
or your user account. If it's the box you need the admin or ISP to do it.
Gary Smith
-Original Message-
From: [EMAIL PROTECTED
17 matches
Mail list logo
