On Sun, 3 Mar 2002, Craig R. Hughes wrote:
[...]
> It's great to hear that SA is increasingly being viewed as the #1 anti
> spam product. In some part I think that's probably due to both its
> effectiveness, and its flexibility. The simple fact is that in the
> corpus, there are 687 pieces of spam which triggered ROUND_THE_WORLD,
> and only 40 pieces of nonspam. Of the nonspam, only 2/40 triggered
> additional rules putting them over the threshold, both of which were
> postings to bugtraq (daniel, could you check them?)
>
> Y 5 /home/daniel/corpus/nonspam/security.bugtraq/7377
> GAPPY_TEXT,ROUND_THE_WORLD
> Y 5 /home/daniel/corpus/nonspam/security.bugtraq/6911
> GAPPY_TEXT,ROUND_THE_WORLD
Both of them are code posted to BugTraq, one from Hong Kong and another
from .ar[1]. They hit gappy text because they include C code exploits, a
pretty sure way of tagging the rule.
Oh, and they went hong kong => USA => Australia, because they were the
major countries dealing with them. (Sender, processing, receipt.)
It's worth remembering that bugtraq is exclusively moderated content;
the admin must approve a message for distribution and, as such, no SPAM
ever gets there.[2]
Daniel
Footnotes:
[1] I can't recall where this is. Austria, maybe?
[2] In the last six years of my experience, at least. :)
--
Of course I'm crazy, but that doesn't mean I'm wrong. I'm mad but not ill.
-- Robert Anton Wilson
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
