Yorkshire Dave writes: > My original intention was to write an eval to run through the range of > caesar ciphers and import a list of substitution cipher codes, but it's > too slow (probably because I write very poor perl), so here's the next > best thing. > > I've thrown together a little CGI which will take an email address as > input and return a series of 24 SA rules which detect 30 different > listwashing tokens.
> If anyone's interested, my part-complete document on listwashing tokens > is at http://www.wot.no-ip.com/show.me/Projects/Listwashing_Tokens/ and > the rule generator itself is http://www.wot.no-ip.com/cgi-bin/detoken.pl Excellent analysis! Also we're pretty sure figuring out some way to catch these inside SpamAssassin, automatically (ie. without the prior rule-building) would be very nifty. One thing though -- many SpamAssassin users won't have only 1 address behind the scanner, so doing it beforehand based on the addr will limit it a bit. We (Dan and I) were thinking that picking up the envelope-to and/or To: addresses, and permuting those, would probably work pretty well to do that. (However, scanning for the domain part of an address would probably work pretty well, and I notice you're picking that up.) BTW quick bug report: entering my mail addr, unticking the "username" box, and hitting Build Rules results in a few rules like this: rawbody W_ROT_2_L //i note that the empty pattern will hit every msg ;) --j. ------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01 _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
