At 13:03 19-10-2011, David F. Skoll wrote:
In my dream world, people would blacklist Google. I made a suggestion
The approach would also be applicable for pastebin (which is
generally suggested on this mailing list) and any other free
service. The subject could be rewritten as "responsibili
On Fri, 2011-10-21 at 11:08 -0400, Alex wrote:
> guenther, thanks for spending the time to help with this. Back to the
> books to learn more about REs.
Frankly, the RE part was not that complicated. With an exception of
the /s modifier of my solution. Your REs where not bad either. The most
import
Hi,
>> > body __BODY_URI m{https?://.{1,50}$}
>>
>> That will match any email that ends with http:// followed by 1 to 50
>> characters of anythings, including spaces and other stuff not part of the
>> url. "$" is not "I want stuff to stop matching here." It's the end.
>> Either o
On Wed, 2011-10-19 at 22:21 -0400, dar...@chaosreigns.com wrote:
> > body__BODY_URI m{https?://.{1,50}$}
>
> That will match any email that ends with http:// followed by 1 to 50
> characters of anythings, including spaces and other stuff not part of the
> url. "$" is not "I want
On 10/19, Alex wrote:
> body__SHORT_BODY/.{1,150}$/
That will match anything that ends in 1 to 150 characters of anything. So
it'll match any email that has 1 or more characters.
> describe__SHORT_BODYShort email body
> body__BODY_URI m{https?://.{1,5
Sorry, this might be a bit long, but I hope it's worth reading. Not only
for the OP...
On Wed, 2011-10-19 at 19:28 -0400, Alex wrote:
> >> > >> http://pastebin.com/P0cJdf2V
> I was hoping to be able to write a rule based on a short message body
> that also simply contained a URL. I thought this w
Hi,
>> > >> http://pastebin.com/P0cJdf2V
>>
>> The URLs in the body of these messages don't give consistent results for
>> a domain lookup and a reverse lookup on the IP:
I was hoping to be able to write a rule based on a short message body
that also simply contained a URL. I thought this would b
On Wed, 19 Oct 2011 21:37:56 +0100, Martin Gregorie wrote:
On Wed, 2011-10-19 at 16:03 -0400, David F. Skoll wrote:
Such a change would be trivial for Google, but my suggestion was
ignored.
Maybe it will take some blacklisting to get Google's attention.
The problem with Google is that each ti
On Wed, 2011-10-19 at 16:03 -0400, David F. Skoll wrote:
> Such a change would be trivial for Google, but my suggestion was ignored.
> Maybe it will take some blacklisting to get Google's attention.
>
The problem with Google is that each time they say "Don't be evil" you
can't see their lips move
On Wed, 19 Oct 2011 14:59:40 -0500 (CDT)
David B Funk wrote:
> BTW, you've totally misinterpreted my goole comment, I was talking
> about the insanity of blacklisting "google.com" in a URI-RBL because
> there was a "phish" page being hosted via docs.google.com.
In my dream world, people would bl
On Tue, 18 Oct 2011, Michael Scheidell wrote:
On 10/18/11 6:27 PM, David B Funk wrote:
So if you black-list those hosts you are generating FPs on any legit mails
that link to those sites. Would you black-list google.com because somebody
puts 'phish' forms in a google-docs spread-sheet and then
On Wed, 2011-10-19 at 20:47 +0200, Karsten Bräckelmann wrote:
> > Has anybody tried this and/or shown a worthwhile correlation between
> > failing reverse IP lookup / aliasing and appearance of the URL in spammy
> > body text?
>
> Not useful.
>
OK. Just askin'
Martin
On Wed, 2011-10-19 at 12:05 +0100, Martin Gregorie wrote:
> > >> http://pastebin.com/P0cJdf2V
>
> The URLs in the body of these messages don't give consistent results for
> a domain lookup and a reverse lookup on the IP:
>
> $ host guiadoagito.com.br
> guiadoagito.com.br has address 69.163.138.1
On Tue, 2011-10-18 at 20:54 -0400, Alex wrote:
> http://pastebin.com/Y9mX1DRV
> >> http://pastebin.com/P0cJdf2V
>
The URLs in the body of these messages don't give consistent results for
a domain lookup and a reverse lookup on the IP:
$ host guiadoagito.com.br
guiadoagito.com.br has address
Hi,
I'm having difficulty with figuring out how to tag spam where the body
is only one line with a URL in it. Here is an example:
http://pastebin.com/Y9mX1DRV
>>>
>>> It would be more helpful if you provided several examples. It would be
>>> easy enough to write a rule that ma
On Tue, 18 Oct 2011 17:27:17 -0500, David B Funk wrote:
> Would you black-list google.com
Yes, happily.
On Tue, 2011-10-18 at 17:27 -0500, David B Funk wrote:
> So if you black-list those hosts you are generating FPs on any legit mails
> that link to those sites. Would you black-list google.com because
> somebody puts 'phish' forms in a google-docs spread-sheet and then
Absolutely yes, size do
On 10/18/11 6:27 PM, David B Funk wrote:
So if you black-list those hosts you are generating FPs on any legit
mails that link to those sites. Would you black-list google.com
because somebody puts 'phish' forms in a google-docs spread-sheet and
then
sends out spams with that as the payload? (I
On Tue, 18 Oct 2011 17:27:17 -0500 (CDT), David B Funk wrote:
sends out spams with that as the payload? (I see lots of 'phish'
spam with that tactic on a regular basis).
.
if google accept links to any uribl sites then yes i would block
google, if google just have a phish page ok with me, those
On Tue, 18 Oct 2011, Alex wrote:
Hi,
I'm having difficulty with figuring out how to tag spam where the body
is only one line with a URL in it. Here is an example:
http://pastebin.com/Y9mX1DRV
It would be more helpful if you provided several examples. It would be
easy enough to write a rule
Hi,
>> I'm having difficulty with figuring out how to tag spam where the body
>> is only one line with a URL in it. Here is an example:
>>
>> http://pastebin.com/Y9mX1DRV
>
> It would be more helpful if you provided several examples. It would be
> easy enough to write a rule that matched just thi
On 10/17, Alex wrote:
> I'm having difficulty with figuring out how to tag spam where the body
> is only one line with a URL in it. Here is an example:
>
> http://pastebin.com/Y9mX1DRV
It would be more helpful if you provided several examples. It would be
easy enough to write a rule that matched
22 matches
Mail list logo
