On Tue, 7 Jul 2020, Martin Gregorie wrote:
On Tue, 2020-07-07 at 22:07 +, Pedro David Marco wrote:
Thanks Martin, but the meta may be possitive if one URL triggers
SUBRULE1 and another different URL triggers SUBRULE2...
how can you be sure both SUBRULES are possitive in the "same" URL?
On Tue, 7 Jul 2020, Martin Gregorie wrote:
On Tue, 2020-07-07 at 20:39 +, Pedro David Marco wrote:
>On Tuesday, July 7, 2020, 03:16:34 PM GMT+2, Henrik K <
h...@hege.li> wrote:
Also newer SpamAssassin already has URIDetail plugin which can also
do what you want:
uri_detail SYMBOLIC_
>On Wednesday, July 8, 2020, 12:28:37 AM GMT+2, Martin Gregorie
wrote:
>>I didn't spot the requirement that the URIs must match: I read your
>requirement as being that two matches from a group of URLs within a
>defined set or with the same second level domain would do. My mistake.
Proba
On Tue, 2020-07-07 at 22:07 +, Pedro David Marco wrote:
> Thanks Martin, but the meta may be possitive if one URL triggers
> SUBRULE1 and another different URL triggers SUBRULE2...
> how can you be sure both SUBRULES are possitive in the "same" URL?
>
I didn't spot the requirement that the U
>On Tuesday, July 7, 2020, 11:56:22 PM GMT+2, Martin Gregorie
wrote:
> That should be easy enough to do with a metarule:
>uri __SUBRULE1 /(URL alternateslist1)/
>uri __SUBRULE1 /(URL alternateslist2)/
>meta MYMETARULE (__SUBRULE1 && __SUBRULE2)
>score MYMETARULE 6.0
.>..or somethin
On Tue, 2020-07-07 at 20:39 +, Pedro David Marco wrote:
>
>
>>On Tuesday, July 7, 2020, 03:16:34 PM GMT+2, Henrik K <
> h...@hege.li> wrote:
>
> > Also newer SpamAssassin already has URIDetail plugin which can also
> > do what you want:
> > uri_detail SYMBOLIC_TEST_NAME key1 =~ /va
>On Tuesday, July 7, 2020, 03:16:34 PM GMT+2, Henrik K wrote:
>Also newer SpamAssassin already has URIDetail plugin which can also do what
>you want:
> uri_detail SYMBOLIC_TEST_NAME key1 =~ /value1/ key2 !~ /value2/ ...
if it uses the same key more than once, then uri_detail joins t
On 07 Jul 2020, at 07:16, Henrik K wrote:
> On Tue, Jul 07, 2020 at 11:41:01AM +, Pedro David Marco wrote:
>>
>>> On Tuesday, July 7, 2020, 01:05:36 PM GMT+2, Henrik K wrote:
>>
>>
>>> What examply do you mean by checking multiple regex on the "same" URL? Give
>> an example. Most likely
Hai!
That isn't only Phishtank data...
+1
and using that data in that particular way hardly scales to bigger setups
data could be stored in DB_File just like GeoIP2, that saves ram imho
Treansferring the complete set over and over might now be the best way of
doing the distribution of
On Tue, Jul 07, 2020 at 11:41:01AM +, Pedro David Marco wrote:
>
> >On Tuesday, July 7, 2020, 01:05:36 PM GMT+2, Henrik K wrote:
>
>
> >What examply do you mean by checking multiple regex on the "same" URL? Give
> an example. Most likely it's already possible without any changes.
>
>
>
On 7/7/20 2:57 PM, Benny Pedersen wrote:
Axb skrev den 2020-07-07 14:46:
That isn't only Phishtank data...
+1
and using that data in that particular way hardly scales to bigger setups
data could be stored in DB_File just like GeoIP2, that saves ram imho
rblnsd is the way to go:
- you ca
Axb skrev den 2020-07-07 14:46:
That isn't only Phishtank data...
+1
and using that data in that particular way hardly scales to bigger
setups
data could be stored in DB_File just like GeoIP2, that saves ram imho
FTR: GoogleSafeBrowsing is not free for all, anymore
that explains low hi
Hai!
I Tried GoogleSafeBrowsing but not helping much as it has very low
detection ratio.
is another reporting problem
whatever that may mean
if all phishes is reported to google then safebrowsing would be more
usefull
FTR: GoogleSafeBrowsing is not free for all, anymore
If i recall c
On 7/7/20 2:39 PM, Benny Pedersen wrote:
Axb skrev den 2020-07-07 13:23:
domains listed in Phishtank are picked up by SURBL
and rbldnsd support a fix of this
https://www.isc.org/blogs/qname-minimization-and-privacy/
i have disabled it in bind9
Phishtank signatures in SpamAssassin?
http
Axb skrev den 2020-07-07 13:23:
domains listed in Phishtank are picked up by SURBL
and rbldnsd support a fix of this
https://www.isc.org/blogs/qname-minimization-and-privacy/
i have disabled it in bind9
Phishtank signatures in SpamAssassin?
https://spamassassin.apache.org/full/3.4.x/doc
>On Tuesday, July 7, 2020, 01:05:36 PM GMT+2, Henrik K wrote:
>What examply do you mean by checking multiple regex on the "same" URL? Give
>an example. Most likely it's already possible without any changes.
for example.. checking if an URL matches Regex1 BUT does NOT matches Regex
On 7/7/20 1:20 PM, Benny Pedersen wrote:
KADAM, SIDDHESH skrev den 2020-07-07 13:13:
Can anybody suggest me a best possible way to block phish/malware url
from body of an email using spamassassin.
report to https://phishtank.com/ 1 step :=)
next is to use https://sanesecurity.com/ with phish
KADAM, SIDDHESH skrev den 2020-07-07 13:13:
Can anybody suggest me a best possible way to block phish/malware url
from body of an email using spamassassin.
report to https://phishtank.com/ 1 step :=)
next is to use https://sanesecurity.com/ with phishtank signatures
using phishtank signature
On 7/7/20 1:13 PM, KADAM, SIDDHESH wrote:
Guys,
Can anybody suggest me a best possible way to block phish/malware url from body
of an email using spamassassin.
I Tried GoogleSafeBrowsing but not helping much as it has very low detection
ratio.
Regards,
Siddhesh
iirc "ramprasad at NETCORE.C
Guys,
Can anybody suggest me a best possible way
to block phish/malware url from body of an email using
spamassassin.
I Tried GoogleSafeBrowsing but not helping
much as it has very low detection ratio.
Regards,
Siddhesh
On Tue, Jul 07, 2020 at 10:18:30AM +, Pedro David Marco wrote:
> I have written a small simple patch (tested in SA 3.4.2 so far, sorry) to be
> able to check up to three regex expressions on the "same" URL. It seems to
> work
> well
> but... any crazy (with all respects) volunteer for checks..
Ha!
>We report abuse to many organisations, including, but not limited to company's
like sendgrid.
We are so tired af reporting abuse with no answer at all, that we
stopped reporting problems time ago :-( as Marc Roos has said...
we are not paid for it !
Understand completely.
Iron
>On Tuesday, July 7, 2020, 11:24:10 AM GMT+2, Raymond Dijkxhoorn
wrote:
>Hello Marc,
>I hear you. And dont worry about that ;) rather have a clean inbox and so do
>more people.
>We report abuse to many organisations, including, but not limited to company's
>like sendgrid.
>Raymond Dij
On 07.07.20 10:18, Pedro David Marco wrote:
I have written a small simple patch (tested in SA 3.4.2 so far, sorry) to
be able to check up to three regex expressions on the "same" URL. It
seems to work wellbut... any crazy (with all respects) volunteer for
checks.. tests... etc?
Disclaimer:
I have written a small simple patch (tested in SA 3.4.2 so far, sorry) to be
able to check up to three regex expressions on the "same" URL. It seems to work
wellbut... any crazy (with all respects) volunteer for checks.. tests... etc?
Disclaimer: I am not a super Perl developer, so the code may b
Hello Marc,
They definately do. I report to them and they do take them down
pretty quickly.
Make sure you get paid for doing this every time. Because you are doing
the work that they should be doing.
I hear you. And dont worry about that ;)
I rather have a clean inbox and so do more people.
Hi!
Since a long time (and i know there has been discussion about it in the
past) both SURBL and DBL offer their datalist as a wildcarded list.
Yet spamassassin still is stripping down the lookups to the base level and
doing the ookups for that. Unless its inside the 2tld and 3tld additions.
>> They definately do. I report to them and they do take them down
pretty quickly.
Make sure you get paid for doing this every time. Because you are doing
the work that they should be doing.
Hai!
it might help to add your complaint via ab...@sendgrid.com.
I very much doubt it. Sendgrid's business is sending mail and they do not
care if that mail is spam or not. If enough servers block them they will go
away.
They do, however, apparently care about phishing - they did disable t
29 matches
Mail list logo
