Re: Can't keep up with spam from SolarVPS sites

2014-06-10 Thread David B Funk
On Tue, 10 Jun 2014, Axb wrote: On 06/10/2014 12:17 AM, Philip Prindeville wrote: nope... with rbldnsd you set your BL zone to use the ip4trie dataset which as per http://www.corpit.ru/mjt/rbldnsd/rbldnsd.8.html ip4trie Dataset Set of IP4 CIDR ranges with corresponding (A, TXT) values. This

Re: Can't keep up with spam from SolarVPS sites

2014-06-10 Thread Axb
On 06/10/2014 12:17 AM, Philip Prindeville wrote: nope... with rbldnsd you set your BL zone to use the ip4trie dataset which as per http://www.corpit.ru/mjt/rbldnsd/rbldnsd.8.html ip4trie Dataset Set of IP4 CIDR ranges with corresponding (A, TXT) values. This dataset is similar to ip4set, but

Re: Can't keep up with spam from SolarVPS sites

2014-06-09 Thread Amir Caspi
On Jun 9, 2014, at 7:11 PM, David B Funk wrote: > Just beware of FPs, I've seen some ugly URLs from things like airline > reservation confirmations. (spammers are getting better at stealing > features from legit messages to protect their garbage). FWIW, I haven't had a single FP on that or any o

Re: Can't keep up with spam from SolarVPS sites

2014-06-09 Thread Philip Prindeville
On Jun 9, 2014, at 4:25 PM, John Hardin wrote: > On Mon, 9 Jun 2014, Philip Prindeville wrote: > >> We’re getting a lot of spam that contains URL’s which look like (remove >> the ): >> >> http://mabsut.com/20220362/vuxtxumsrnsst6unlornt3umtfuwznvv~5v0nmro0ysnx_u_usqzxs

Re: Can't keep up with spam from SolarVPS sites

2014-06-09 Thread David B Funk
On Mon, 9 Jun 2014, Amir Caspi wrote: On Jun 9, 2014, at 4:25 PM, John Hardin wrote: On Mon, 9 Jun 2014, Philip Prindeville wrote: http://mabsut.com/20220362/vuxtxumsrnsst6unlornt3umtfuwznvv~5v0nmro0ysnx_u_usqzxsrwlln_t_t_tomtdyumplnl_ts_tn_ttce/unnt7uqs_mrn_ttdfw3yuw_h_03xo_gl_67_8gw_b

Re: Can't keep up with spam from SolarVPS sites

2014-06-09 Thread Amir Caspi
On Jun 9, 2014, at 4:25 PM, John Hardin wrote: > On Mon, 9 Jun 2014, Philip Prindeville wrote: > >> http://mabsut.com/20220362/vuxtxumsrnsst6unlornt3umtfuwznvv~5v0nmro0ysnx_u_usqzxsrwlln_t_t_tomtdyumplnl_ts_tn_ttce/unnt7uqs_mrn_ttdfw3yuw_h_03xo_gl_67_8gw_buutxveumpomte3yuo_tlltcx3yumsrns

Re: Can't keep up with spam from SolarVPS sites

2014-06-09 Thread John Hardin
On Mon, 9 Jun 2014, Philip Prindeville wrote: We’re getting a lot of spam that contains URL’s which look like (remove the ): http://mabsut.com/20220362/vuxtxumsrnsst6unlornt3umtfuwznvv~5v0nmro0ysnx_u_usqzxsrwlln_t_t_tomtdyumplnl_ts_tn_ttce/unnt7uqs_mrn_ttdfw3yuw_h_03xo_gl_67_8gw_buutxv

Re: Can't keep up with spam from SolarVPS sites

2014-06-09 Thread Philip Prindeville
On Jun 9, 2014, at 3:10 PM, Axb wrote: > On 06/09/2014 11:03 PM, Philip Prindeville wrote: >> >> On Jun 6, 2014, at 3:50 PM, Axb wrote: >> >>> If you have to post a spam sample, pls use pastebin and post the full msg >>> >>> On 06/06/2014 11:32 PM, Philip Prindeville wrote: We’re gettin

Re: Can't keep up with spam from SolarVPS sites

2014-06-09 Thread Axb
On 06/09/2014 11:03 PM, Philip Prindeville wrote: On Jun 6, 2014, at 3:50 PM, Axb wrote: If you have to post a spam sample, pls use pastebin and post the full msg On 06/06/2014 11:32 PM, Philip Prindeville wrote: We’re getting a lot of spam that contains URL’s which look like (remove the #

Re: Can't keep up with spam from SolarVPS sites

2014-06-09 Thread Philip Prindeville
On Jun 6, 2014, at 3:50 PM, Axb wrote: > If you have to post a spam sample, pls use pastebin and post the full msg > > On 06/06/2014 11:32 PM, Philip Prindeville wrote: >> We’re getting a lot of spam that contains URL’s which look like (remove the >> ): >> >> http://mabsut.com/2022036

Re: Can't keep up with spam from SolarVPS sites

2014-06-09 Thread Kevin A. McGrail
On 6/7/2014 3:31 AM, David B Funk wrote: This does require some baby-sitting as it will get traffic that is the results of a real human fat-fingering a legit recipient. Perhaps use just subdomains then? Such as venusflyt...@invalid.uiowa.edu to eliminate the risk of legit fat-fingered emai

Re: Can't keep up with spam from SolarVPS sites

2014-06-07 Thread Axb
On 06/07/2014 04:34 AM, lucas k wrote: So, does anyone have any idea how to get a freshly made email address to get clogged with spam in the shortest amount of time? It always depends what kind of spam you want to attract. Spam traps are like good wine, they need to age. Google around and you

Re: Can't keep up with spam from SolarVPS sites

2014-06-07 Thread Axb
On 06/07/2014 02:02 AM, Karsten Bräckelmann wrote: On Fri, 2014-06-06 at 23:50 +0200, Axb wrote: [...] Anyone have some working rules they could share? Pls note that any rule shared via lists usually loses its teeth within a few hours .-) Sorry, that's incorrect. The SA commits mailing lis

Re: Can't keep up with spam from SolarVPS sites

2014-06-07 Thread Axb
On 06/07/2014 02:36 AM, Philip Prindeville wrote: On Jun 6, 2014, at 3:50 PM, Axb wrote: If you have to post a spam sample, pls use pastebin and post the full msg Here’s a prototype: http://ur1.ca/hgxkx This is just the generic daily snowshoe type of spam. One or more URIBLs detects the

Re: Can't keep up with spam from SolarVPS sites

2014-06-07 Thread David B Funk
On Fri, 6 Jun 2014, lucas k wrote: I'm having the exact opposite problem. I've created several new addresses that i'm hoping to get clogged up with spam so that I can have a fluid target to write rules against, but so far... nothing. craig@dioxidized, where i posted a bunch of ads on craigsli

Re: Can't keep up with spam from SolarVPS sites

2014-06-06 Thread Karsten Bräckelmann
On Fri, 2014-06-06 at 22:34 -0400, lucas k wrote: > I'm having the exact opposite problem. I've created several new > addresses that i'm hoping to get clogged up with spam so that I can have > a fluid target to write rules against, but so far... nothing. > > craig@dioxidized, where i posted a bu

Re: Can't keep up with spam from SolarVPS sites

2014-06-06 Thread lucas k
I'm having the exact opposite problem. I've created several new addresses that i'm hoping to get clogged up with spam so that I can have a fluid target to write rules against, but so far... nothing. craig@dioxidized, where i posted a bunch of ads on craigslist with the address exposed has not

Re: Can't keep up with spam from SolarVPS sites

2014-06-06 Thread John Hardin
On Sat, 7 Jun 2014, Karsten Bräckelmann wrote: On Fri, 2014-06-06 at 19:02 -0700, John Hardin wrote: On Sat, 7 Jun 2014, Karsten Bräckelmann wrote: That Return-Path really sticks out. It's basically the From: address with embedded To: address. It would be possible to do a multiple-header

Re: Can't keep up with spam from SolarVPS sites

2014-06-06 Thread Karsten Bräckelmann
On Fri, 2014-06-06 at 19:02 -0700, John Hardin wrote: > On Sat, 7 Jun 2014, Karsten Bräckelmann wrote: > > That Return-Path really sticks out. It's basically the From: address > > with embedded To: address. > It would be possible to do a multiple-header rule with captures and > backreferences to

Re: Can't keep up with spam from SolarVPS sites

2014-06-06 Thread John Hardin
On Sat, 7 Jun 2014, Karsten Bräckelmann wrote: On Fri, 2014-06-06 at 18:36 -0600, Philip Prindeville wrote: On Jun 6, 2014, at 3:50 PM, Axb wrote: If you have to post a spam sample, pls use pastebin and post the full msg Here’s a prototype: http://ur1.ca/hgxkx That Return-Path really sti

Re: Can't keep up with spam from SolarVPS sites

2014-06-06 Thread Karsten Bräckelmann
On Fri, 2014-06-06 at 18:36 -0600, Philip Prindeville wrote: > On Jun 6, 2014, at 3:50 PM, Axb wrote: > > > If you have to post a spam sample, pls use pastebin and post the full msg > > Here’s a prototype: > http://ur1.ca/hgxkx That Return-Path really sticks out. It's basically the From: addres

Re: Can't keep up with spam from SolarVPS sites

2014-06-06 Thread Philip Prindeville
On Jun 6, 2014, at 3:50 PM, Axb wrote: > If you have to post a spam sample, pls use pastebin and post the full msg > Here’s a prototype: http://ur1.ca/hgxkx

Re: Can't keep up with spam from SolarVPS sites

2014-06-06 Thread Karsten Bräckelmann
On Fri, 2014-06-06 at 23:50 +0200, Axb wrote: > > [...] Anyone have some working rules they could share? > > Pls note that any rule shared via lists usually loses its teeth within > a few hours .-) Sorry, that's incorrect. The SA commits mailing list is not code only, but includes rules/ and s

Re: Can't keep up with spam from SolarVPS sites

2014-06-06 Thread John Hardin
On Fri, 6 Jun 2014, Philip Prindeville wrote: We’re getting a lot of spam that contains URL’s which look like (remove the ): http://mabsut.com/20220362/vuxtxumsrnsst6unlornt3umtfuwznvv~5v0nmro0ysnx_u_usqzxsrwlln_t_t_tomtdyumplnl_ts_tn_ttce/unnt7uqs_mrn_ttdfw3yuw_h_03xo_gl_67_8gw_buutxv

Re: Can't keep up with spam from SolarVPS sites

2014-06-06 Thread Axb
If you have to post a spam sample, pls use pastebin and post the full msg On 06/06/2014 11:32 PM, Philip Prindeville wrote: We’re getting a lot of spam that contains URL’s which look like (remove the ): http://mabsut.com/20220362/vuxtxumsrnsst6unlornt3umtfuwznvv~5v0nmro0ysnx_u_usqzxsrw

Can't keep up with spam from SolarVPS sites

2014-06-06 Thread Philip Prindeville
We’re getting a lot of spam that contains URL’s which look like (remove the ): http://mabsut.com/20220362/vuxtxumsrnsst6unlornt3umtfuwznvv~5v0nmro0ysnx_u_usqzxsrwlln_t_t_tomtdyumplnl_ts_tn_ttce/unnt7uqs_mrn_ttdfw3yuw_h_03xo_gl_67_8gw_buutxveumpomte3yuo_tlltcx3yumsrnsstziaumte3umm/lst0x0ut