SAproxy 1.2 uses 2.55. I'd suggest than Dan upgrade to SAproxy 1.2, of course.
------ I just downloaded, but have not installed yet. maybe today.
that sounds good... where is it now?
In terms of writing new rules, the best place to begin is Matt Kettler's rule writing guide. Is there a permanent URL for that? Maybe we can add a link to the FAQ or something? ------------
In particular, I occasionally get spam that slips through that I'd like to figure out a rule for. sometimes there are no real obvious things to catch other than perhaps a domain used in the links.
I am wondering what the "best" way to catch links is, after processing so that the obsfucated or encoded ones are readable. I hate to make non-general tests, but sometimes very few of the internal rules get triggered. I had my blacklist doing a uri test, but that didn't seem to trigger, so I'm trying it as a body test now. I've tried something like:
# custom tests to catch specific phrases and links # uri SYMBOLIC_TEST_NAME /pattern/modifiers # body SYMBOLIC_TEST_NAME /pattern/modifiers # after decoding # score SYMBOLIC_TEST_NAME 5.0 # -------------------------------------- body T_OPRAH /Oprah.*wrinkle.*sexual/si score T_OPRAH 4.0
body T_BLACKLIST_URI /(
SIL12345.com|
look4abride.com|
lolslideshow.com|
zland.com
)/ix
score T_BLACKLIST_URI 5.0------------------------------------------------------- This SF.Net email is sponsored by: INetU Attention Web Developers & Consultants: Become An INetU Hosting Partner. Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission! INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
