On Fri, 24 Feb 2017 16:26:38 -0500
Alex wrote:
> We've actually had false-positives due to how the list is built into
> rules. In other words, "i...@ca.com" is still on the list from 2011.
> They're also not bounded by default, so noi...@ca.com and
> morei...@ca.com would also be caught, for exam
On 25/02/2017, 00:39, "Alex" wrote:
header PDS_FROM_OTHER_BAD_TLD eval:check_from_in_list('NEWSPAMMY')
This particular check will not work as the current release of SA does not
include the improvement in the BZ report. If you have the patch included (I
can’t support you patching your
Hi,
I'm using version 3.4.0 on Debian stable.
I noticed that when presented with some IPv6 addresses, the ASN
plugin is actually querying them as an IPv4 address e.g. turning
2600:… into 2.0.0.0 and coming back with the wrong ASN.
This appears to already be documented in the bugzilla:
http
