On 06/13/2012 08:16 AM, Niamh Holding wrote:
Hello Axb,
Wednesday, June 13, 2012, 7:07:59 AM, you wrote:
A> Nobody stops you from changing the SOUGHT rules' scores if you think
A> they're scored too high.
I'm keeping an eye on the false positives caused by them to make that
call.
Is there
Hello Axb,
Wednesday, June 13, 2012, 7:07:59 AM, you wrote:
A> Nobody stops you from changing the SOUGHT rules' scores if you think
A> they're scored too high.
I'm keeping an eye on the false positives caused by them to make that
call.
Is there anywhere we can send misscored ham to help impro
On 06/13/2012 07:53 AM, Niamh Holding wrote:
Hello Benny,
Wednesday, June 13, 2012, 1:36:37 AM, you wrote:
BP> nope sought rules just needs more ham
Unless a rule is almost perfect then for it to apply 80% of the
default spam identification score is probably excessive.
Nobody stops you fr
Hello Benny,
Wednesday, June 13, 2012, 1:36:37 AM, you wrote:
BP> nope sought rules just needs more ham
Unless a rule is almost perfect then for it to apply 80% of the
default spam identification score is probably excessive.
--
Best regards,
Niamhmailto:ni...@full
On Wed, 2012-06-13 at 03:04 +0200, Wolfgang Zeikat wrote:
> On 2012-06-12 20:52, Martin Gregorie wrote:
>
> > so its probably worth treating .gg
> > the same way as .cn and .ru, though for slightly different reasons.
>
> Unless you're in .cn, .ru or vicinity or have correspondence partners
> t
On 2012-06-12 20:52, Martin Gregorie wrote:
> so its probably worth treating .gg
> the same way as .cn and .ru, though for slightly different reasons.
Unless you're in .cn, .ru or vicinity or have correspondence partners
there, you may be right.
wolfgang
Den 2012-06-12 09:02, Niamh Holding skrev:
Though I must admit I'm finding the score of 4 a bit high and it's
causing misclassification of the occasional ham.
nope sought rules just needs more ham
Sorry for butting in a bit late...
Ed Abbott wrote:
Kris Deugau wrote:
Just keep in mind that NetworkManager may meddle with your resolv.conf,
so you can either keep a watch and manually fix it, or do as I've taken
to doing and setting the immutable bit with "chattr +i" so it can't be
changed
Seen: Spam using an INPUT tag, type=image, instead of an IMG tag. There is
no form tag, so clicking does nothing, but the image loads to screen. Below
is the complete body of a sample (included here since it is very short).
The string after id= varies per sample. I munged it here to ''.
The
On Tue, 2012-06-12 at 18:47 +0100, Stephane Chazelas wrote:
> 2012-06-12 16:36:44 +0100, Martin Gregorie:
> > Today I got a piece of spam carrying the URL chasovik.it.gg as its
> > payload. I was intrigued because I didn't think .gg was a valid tld and
> > looked it up with 'whois'. Sure enough, no
2012-06-12 16:36:44 +0100, Martin Gregorie:
> Today I got a piece of spam carrying the URL chasovik.it.gg as its
> payload. I was intrigued because I didn't think .gg was a valid tld and
> looked it up with 'whois'. Sure enough, no match was found. However,
> 'host' resolved it as 80.190.202.40 and
On Tue, 2012-06-12 at 17:24 +0100, s...@yacc.co.uk wrote:
> .gg is Guernsey ... it's definitely there ... I can see it out the
> window :)
>
Thanks for that clarification. I wasn't as clear as I could have been.
The URL in the spam body was unknown to 'whois' but was resolved by
'host'. I've previ
> From: Martin Gregorie [mailto:mar...@gregorie.org]
> Sent: 12 June 2012 16:37
> To: Spamassassin users list
> Subject: Is this a new typoe of URI obfuscation?
>
> Today I got a piece of spam carrying the URL chasovik.it.gg as its
> payload. I was intrigued because I didn't think .gg was a valid
On 6/12/12 11:36 AM, Martin Gregorie wrote:
Today I got a piece of spam carrying the URL chasovik.it.gg as its
payload. I was intrigued because I didn't think .gg was a valid tld and
looked it up with 'whois'.
that just means that the tld provider is violating RFC's, no that the
tld is invalid:
On Tue, 12 Jun 2012 16:36:44 +0100
Martin Gregorie wrote:
> Today I got a piece of spam carrying the URL chasovik.it.gg as its
> payload. I was intrigued because I didn't think .gg was a valid tld
> and looked it up with 'whois'. Sure enough, no match was found.
.gg is a valid TLD: http://en.wik
Today I got a piece of spam carrying the URL chasovik.it.gg as its
payload. I was intrigued because I didn't think .gg was a valid tld and
looked it up with 'whois'. Sure enough, no match was found. However,
'host' resolved it as 80.190.202.40 and a 'host' lookup on the IP
resolved to homepage-bauk
Hello Christopher,
Tuesday, June 5, 2012, 5:26:43 PM, you wrote:
CT> The scoring rule is 4.0 JM_SOUGHT_3, which is one of the "sought
CT> channel" rules distributed (and regularly updated) by the
CT> sought.rules.yerp.org channel in SpamAssassin [1].
Though I must admit I'm finding the score of
17 matches
Mail list logo
