Have recently been having 1000's of spam slipping past Spamassassin... they
all seem to be pretty much identical in format but Spamassassin isn't
scoring them even high enough to be tagged.
- they are all flagged as important
- a single line having so far have one of two common phrases followed by
Hi All,
Have been trying to write a regex for a custom rule to catch a particular
spam that's been annoying the heck out of me.
I've got about 6 body rules and have narrowed the problem down to the regex
that tries to catch this part (text appears in SPAM exactly as below,
including case, brack
> The latest variant is "gooogle.com", which is a legit alias for Google,
> and appears to work with all the regular spammer trick parameters.
>
> I've also seen two more google TLD variants.
And another variation this morning with 4 slashes instead of 2 between the
domain and 'search'
Cheers,
>
Have seen a bunch more Google "btnI" spam the past couple days, seem to be
triggering just fine on the rules posted elsewhere on this thread.
However, these last bunch seem to have a trick, the only other text in the
message aside from the URL seems to be a date string. Somehow that must
totall
> Does anyone have a regular expression to match the URI in Googlepages and
> livefilestore spams that have been coming through the last little while.
Thanks to the many people that responded, I'll be giving some of these
tricks a try!
Cheers,
> Mike <
Does anyone have a regular expression to match the URI in Googlepages and
livefilestore spams that have been coming through the last little while.
I've been trying to come up with a local rule to bump up their scores but
apparently my regular expression skills suck because I haven't been able to
ma
> > I'm not sure whether it's supposed to be a DDOS attack, a dictionary
> attack,
> > bunch-o-bots or what. Since about the 26th of Dec I've had one
> particular
> > mailserver that has been dealing with a constant stream of crap...
> That is, if a specific IP address tries sending to bad users
Hi All,
A bit off topic since the users are all unknown so the traffic never makes
it to my spamassassin. But I am hoping that someone here may have seen the
same thing and have a solution for making the problem "go-away" :-)
I'm not sure whether it's supposed to be a DDOS attack, a dictionary a
Has anyone else been seeing the empty-body "PDF" spam, but with a .fdf file
extension. Had a whole pile in my inbox here this morning.
Cheers,
> Mike <
