Re: What does that rule mean "SUBJ_OBFU_PUNCT FEW"

On Wed, 13 Jan 2021, Philipp Ewald wrote: SUBJ_OBFU_PUNCT_FEW -> Possible punctuation-obfuscated Subject: header SUBJ_OBFU_PUNCT_MANY -> Punctuation-obfuscated Subject: header We send mails Like this: (You got a E-Mail) Subject: : Mailservice: Neue Mail Ok. I will assume is an email addr

Re: What does that rule mean "SUBJ_OBFU_PUNCT FEW"

Philipp Ewald schrieb am 13.01.2021 um 18:40: Subject: : Mailservice: Neue Mail The rule actually matches, if you have usernames like "anton.b", which produces a subject like this: Subject: : Mailservice: Neue Mail However, the rule scores a measly 0.749, which isn't marking a message as sp

Re: What does that rule mean "SUBJ_OBFU_PUNCT FEW"

No the Support said "Yes your listed because your "no-reply@" his hitting the following rules..." nothing *else* On 1/13/21 6:07 PM, John Hardin wrote: The scores on those rules are rather low - they are not "poison pills". What *else* are those mails hitting? -- Philipp Ewald Adminis

Re: What does that rule mean "SUBJ_OBFU_PUNCT FEW"

aaah sorry: i mean "no-reply(system notification)" E-Mails Hits SPAM Rule: SUBJ_OBFU_PUNCT_FEW -> Possible punctuation-obfuscated Subject: header SUBJ_OBFU_PUNCT_MANY -> Punctuation-obfuscated Subject: header We send mails Like this: (You got a E-Mail) X-To: <@web.de> From: "" Reply-To: ""

Re: What does that rule mean "SUBJ_OBFU_PUNCT FEW"

On Wed, 13 Jan 2021, Philipp Ewald wrote: Hello, we try to deliver mails to GMX/WEB but we got frequency blocked because "ro-reply@ Mails" hits following rules: SUBJ_OBFU_PUNCT_FEW -> Possible punctuation-obfuscated Subject: header SUBJ_OBFU_PUNCT_MANY -> Punctuation-obfuscated Subject: he

Re: Emotet today..

Pedro, do you see sigs for it yet? We're seeing a ton of Doc.Dropper.EmotetRed1220-9816007-0. Have you submitted a sample to Steve at Sanesecurity and clamav? Best, Dave On 1/13/21 10:39 AM, Pedro David Marco wrote: Hi all... sorry for the semi off-topic... Today Emotet is being sent in an

Re: What does that rule mean "SUBJ_OBFU_PUNCT FEW"

Philipp Ewald schrieb am 13.01.2021 um 16:57: we try to deliver mails to GMX/WEB but we got frequency blocked because "ro-reply@ Mails" hits following rules: SUBJ_OBFU_PUNCT_FEW -> Possible punctuation-obfuscated Subject: header SUBJ_OBFU_PUNCT_MANY ->  Punctuation-obfuscated Subject: header

Re: What does that rule mean "SUBJ_OBFU_PUNCT FEW"

On Wednesday 13 January 2021 at 16:57:55, Philipp Ewald wrote: > Hello, > > we try to deliver mails to GMX/WEB but we got frequency blocked because > "ro-reply@ Mails" hits following rules: Sorry, but what do you mean by "ro-reply@ Mails"? > SUBJ_OBFU_PUNCT_FEW -> Possible punctuation-obfuscate

What does that rule mean "SUBJ_OBFU_PUNCT FEW"

Hello, we try to deliver mails to GMX/WEB but we got frequency blocked because "ro-reply@ Mails" hits following rules: SUBJ_OBFU_PUNCT_FEW -> Possible punctuation-obfuscated Subject: header SUBJ_OBFU_PUNCT_MANY -> Punctuation-obfuscated Subject: header i can't find any good declaration for t

Emotet today..

Hi all... sorry for the semi off-topic... Today Emotet is being sent in an encrypted zip with the password embedded into an anti-ocr image.. watch out! -Pedrete