Re: Rule debugging

2007-04-08 Thread J.
--- "John D. Hardin" <[EMAIL PROTECTED]> wrote:
> On Sat, 7 Apr 2007, J. wrote:
>
> > --- "John D. Hardin" <[EMAIL PROTECTED]> wrote:
> >
> > > You might want to look at this instead of trying to hand-roll
> > > obfuscation rules:
> > >
> > > http://www.impsec.org/~jhardin/antispam/obfusc.pl

Re: Rule debugging

2007-04-08 Thread John D. Hardin
On Sat, 7 Apr 2007, J. wrote:
> --- "John D. Hardin" <[EMAIL PROTECTED]> wrote:
>
> > You might want to look at this instead of trying to hand-roll
> > obfuscation rules:
> >
> > http://www.impsec.org/~jhardin/antispam/obfusc.pl
>
> Thanks John. I have no idea what the program does but it does

Re: Rule debugging

2007-04-07 Thread J.
--- "John D. Hardin" <[EMAIL PROTECTED]> wrote:
> On Fri, 6 Apr 2007, J. wrote:
>
> > I get no output. Is there a better way to find what matched?
> Thanks.
>
> Use egrep instead of grep?
>
> You might want to look at this instead of trying to hand-roll
> obfuscation rules:
>
> http://www.im

Re: Rule debugging

2007-04-07 Thread J.
--- guenther <[EMAIL PROTECTED]> wrote:
> Please do not hijack other threads by replying to a mail, if you
> actually mean to start an unrelated thread. Removing the quoted text
> is
> not sufficient.
>
> On Fri, 2007-04-06 at 15:19 -0700, J. wrote:
> > I got a false positive that was triggered

Re: Rule debugging

2007-04-06 Thread Matt Kettler
John D. Hardin wrote:
> On Fri, 6 Apr 2007, J. wrote:
>
>
>> I get no output. Is there a better way to find what matched? Thanks.
>>
>
> Use egrep instead of grep?
>
> You might want to look at this instead of trying to hand-roll
> obfuscation rules:
>
> http://www.impsec.org/~jhardin/anti

Re: Rule debugging

2007-04-06 Thread John D. Hardin
On Fri, 6 Apr 2007, J. wrote:
> I get no output. Is there a better way to find what matched? Thanks.

Use egrep instead of grep?

You might want to look at this instead of trying to hand-roll obfuscation rules:

http://www.impsec.org/~jhardin/antispam/obfusc.pl

--
John Hardin KA7OHZ

Re: Rule debugging

2007-04-06 Thread guenther
Please do not hijack other threads by replying to a mail, if you actually mean to start an unrelated thread. Removing the quoted text is not sufficient.

On Fri, 2007-04-06 at 15:19 -0700, J. wrote:
> I got a false positive that was triggered by this:
>
> body MY_VIAG
> /\b(v(i|l)a.{0,4}g.{

Re: Rule debugging

2007-04-06 Thread J.
--- Theo Van Dinter <[EMAIL PROTECTED]> wrote:
> On Fri, Apr 06, 2007 at 03:19:09PM -0700, J. wrote:
> > body MY_VIAG
> > /\b(v(i|l)a.{0,4}g.{0,4}r.{0,4}a)|(v.{0,4}(i|l).{0,4}a.{0,4}gra)/i
>
> just because it makes me cringe:
> - use [il] for character classes, not (i|l)
> - don't use

Re: Rule debugging

2007-04-06 Thread Theo Van Dinter
On Fri, Apr 06, 2007 at 03:19:09PM -0700, J. wrote:
> body MY_VIAG
> /\b(v(i|l)a.{0,4}g.{0,4}r.{0,4}a)|(v.{0,4}(i|l).{0,4}a.{0,4}gra)/i

just because it makes me cringe:
- use [il] for character classes, not (i|l)
- don't use (...) if you don't need capturing, use (?:...) :)

> grep -i