Is there a test to see if any RBL has been hit?

2014-03-07 Thread Spectrum CS
# spamassassin -V SpamAssassin version 3.4.0 running on Perl version 5.16.3 # uname -a FreeBSD XYZ.spectrumcs.net 9.2-RELEASE-p3 FreeBSD 9.2-RELEASE-p3 Hi, I vaguely remember there being a test which indicated if a message had any IPs which had hit ANY RBL, but I'm struggling to find i

Hacked Wordpress sites & Cryptolocker

2014-09-03 Thread Spectrum CS
Hi All, I thought I'd share this in case it's helpful to anybody else. Today a series of emails passed through our spamassassin filter cleanly which had URLs to Wordpress sites like the following... hXXp://ticket-deals.de/wp-content/themes/xblog/index.php?id=741693561 hXXp://vertaser.ru/wp-incl

Re-2: Hacked Wordpress sites & Cryptolocker

2014-09-03 Thread Spectrum CS
-Sep-2014 18:36) From:Axb To: spamassassin-li...@spectrumcs.net > On 09/03/2014 07:28 PM, Spectrum CS wrote: > > I appreciate that the score 5 is high but as a Wordpress user I've > > never needed to use URLs which contain wp-content or wp-includes as > >

Re-2: Hacked Wordpress sites & Cryptolocker

2014-09-03 Thread Spectrum CS
Would you be able to share your regexp? I'm struggling to update my regexp to catch the .php :) Thanks Original Message Subject: Re: Hacked Wordpress sites & Cryptolocker (03-Sep-2014 18:59) From:David F. Skoll To: spamassassin-li...@spectrumcs.net > On Wed, 3 Sep

Re-4: Hacked Wordpress sites & Cryptolocker

2014-09-03 Thread Spectrum CS
8:02:31 +0000 > "Spectrum CS" wrote: > > > Would you be able to share your regexp? I'm struggling to update my > > regexp to catch the .php :) > > Ah, this is what I have. (I've changed the rule names, but that shouldn't > matter.) > > uri