Hi Scott, Thanks for the heads up. You wouldn't happen to have a sample of one of those spams would you? I'm curious about something. I'm wondering if they were using decimal code for punctuation rather than hex code for letters?? "=" (or =) is actually "=" not "a". So maybe you were seeing punctuation mixed in? "! being "!". If that is the case, we just need to tag on all the punctuation. However, I didn't know about the zeros, and you're right. Thanks! here is a cleaner way to write these, (thanks to a very nice person for pointing that out, A.L.!)
/\&\#(?:65|97);/ so adding the zeros it would be /\&\#0*(?:65|97);/ I'll make this change on the page, but I'll wait a bit to see if I'm 'out in left' with my thinking. I'm realizing spammers are indirectly helping me out in my education, maybe I should say "Thank You!" to them as well. ...nah. Jennifer > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On > Behalf Of Scott Sprunger > Sent: Monday, November 03, 2003 8:51 AM > To: [EMAIL PROTECTED] > Subject: [SAtalk] [RD] Weeds changes > > > This past weekend a flood of new spam arrived which > circumvented the weeds rules by using leading zeros and hex > values (both legal from an HTML perspective). I've updated > my local rules as below. Hope this is useful. BTW, Jennifer > thanks for an incredible set of rules! > > -- Scott > > describe J_WEEDS_A Decimal or Hex character encoding [Aa] > full J_WEEDS_A > /(\&\#0*65\;|\&\#0*97\;|\&\#x0*41;|\&\#x0*61;)/i > score J_WEEDS_A 0.5 > > describe J_WEEDS_B Decimal or Hex character encoding [Bb] > full J_WEEDS_B > /(\&\#0*66\;|\&\#0*98\;|\&\#x0*42;|\&\#x0*62;)/i > score J_WEEDS_B 0.5 > > describe J_WEEDS_C Decimal or Hex character encoding [Cc] > full J_WEEDS_C > /(\&\#0*67\;|\&\#0*99\;|\&\#x0*43;|\&\#x0*63;)/i > score J_WEEDS_C 0.5 > > describe J_WEEDS_D Decimal or Hex character encoding [Dd] > full J_WEEDS_D > /(\&\#0*68\;|\&\#0*100\;|\&\#x0*44;|\&\#x0*64;)/i > score J_WEEDS_D 0.5 > > describe J_WEEDS_E Decimal or Hex character encoding [Ee] > full J_WEEDS_E > /(\&\#0*69\;|\&\#0*101\;|\&\#x0*45;|\&\#x0*65;)/i > score J_WEEDS_E 0.5 > > describe J_WEEDS_F Decimal or Hex character encoding [Ff] > full J_WEEDS_F > /(\&\#0*70\;|\&\#0*102\;|\&\#x0*46;|\&\#x0*66;)/i > score J_WEEDS_F 0.5 > > describe J_WEEDS_G Decimal or Hex character encoding [Gg] > full J_WEEDS_G > /(\&\#0*71\;|\&\#0*103\;|\&\#x0*47;|\&\#x0*67;)/i > score J_WEEDS_G 0.5 > > describe J_WEEDS_H Decimal or Hex character encoding [Hh] > full J_WEEDS_H > /(\&\#0*72\;|\&\#0*104\;|\&\#x0*48;|\&\#x0*68;)/i > score J_WEEDS_H 0.5 > > describe J_WEEDS_I Decimal or Hex character encoding [Ii] > full J_WEEDS_I > /(\&\#0*73\;|\&\#0*105\;|\&\#x0*49;|\&\#x0*69;)/i > score J_WEEDS_I 0.5 > > describe J_WEEDS_J Decimal or Hex character encoding [Jj] > full J_WEEDS_J > /(\&\#0*74\;|\&\#0*106\;|\&\#x0*4A;|\&\#x0*6A;)/i > score J_WEEDS_J 0.5 > > describe J_WEEDS_K Decimal or Hex character encoding [Kk] > full J_WEEDS_K > /(\&\#0*75\;|\&\#0*107\;|\&\#x0*4B;|\&\#x0*6B;)/i > score J_WEEDS_K 0.5 > > describe J_WEEDS_L Decimal or Hex character encoding [Ll] > full J_WEEDS_L > /(\&\#0*76\;|\&\#0*108\;|\&\#x0*4C;|\&\#x0*6C;)/i > score J_WEEDS_L 0.5 > > describe J_WEEDS_M Decimal or Hex character encoding [Mm] > full J_WEEDS_M > /(\&\#0*77\;|\&\#0*109\;|\&\#x0*4D;|\&\#x0*6D;)/i > score J_WEEDS_M 0.5 > > describe J_WEEDS_N Decimal or Hex character encoding [Nn] > full J_WEEDS_N > /(\&\#0*78\;|\&\#0*110\;|\&\#x0*4E;|\&\#x0*6E;)/i > score J_WEEDS_N 0.5 > > describe J_WEEDS_O Decimal or Hex character encoding [Oo] > full J_WEEDS_O > /(\&\#0*79\;|\&\#0*111\;|\&\#x0*4F;|\&\#x0*6F;)/i > score J_WEEDS_O 0.5 > > describe J_WEEDS_P Decimal or Hex character encoding [Pp] > full J_WEEDS_P > /(\&\#0*80\;|\&\#0*112\;|\&\#x0*50;|\&\#x0*70;)/i > score J_WEEDS_P 0.5 > > describe J_WEEDS_Q Decimal or Hex character encoding [Qq] > full J_WEEDS_Q > /(\&\#0*81\;|\&\#0*113\;|\&\#x0*51;|\&\#x0*71;)/i > score J_WEEDS_Q 0.5 > > describe J_WEEDS_R Decimal or Hex character encoding [Rr] > full J_WEEDS_R > /(\&\#0*82\;|\&\#0*114\;|\&\#x0*52;|\&\#x0*72;)/i > score J_WEEDS_R 0.5 > > describe J_WEEDS_S Decimal or Hex character encoding [Ss] > full J_WEEDS_S > /(\&\#0*83\;|\&\#0*115\;|\&\#x0*53;|\&\#x0*73;)/i > score J_WEEDS_S 0.5 > > describe J_WEEDS_T Decimal or Hex character encoding [Tt] > full J_WEEDS_T > /(\&\#0*84\;|\&\#0*116\;|\&\#x0*54;|\&\#x0*74;)/i > score J_WEEDS_T 0.5 > > describe J_WEEDS_U Decimal or Hex character encoding [Uu] > full J_WEEDS_U > /(\&\#0*85\;|\&\#0*117\;|\&\#x0*55;|\&\#x0*75;)/i > score J_WEEDS_U 0.5 > > describe J_WEEDS_V Decimal or Hex character encoding [Vv] > full J_WEEDS_V > /(\&\#0*86\;|\&\#0*118\;|\&\#x0*56;|\&\#x0*76;)/i > score J_WEEDS_V 0.5 > > describe J_WEEDS_W Decimal or Hex character encoding [Ww] > full J_WEEDS_W > /(\&\#0*87\;|\&\#0*119\;|\&\#x0*57;|\&\#x0*77;)/i > score J_WEEDS_W 0.5 > > describe J_WEEDS_X Decimal or Hex character encoding [Xx] > full J_WEEDS_X > /(\&\#0*88\;|\&\#0*120\;|\&\#x0*58;|\&\#x0*78;)/i > score J_WEEDS_X 0.5 > > describe J_WEEDS_Y Decimal or Hex character encoding [Yy] > full J_WEEDS_Y > /(\&\#0*89\;|\&\#0*121\;|\&\#x0*59;|\&\#x0*79;)/i > score J_WEEDS_Y 0.5 > > describe J_WEEDS_Z Decimal or Hex character encoding [Zz] > full J_WEEDS_Z > /(\&\#0*90\;|\&\#0*122\;|\&\#x0*5A;|\&\#x0*7A;)/i > score J_WEEDS_Z 0.5 > > > ------------------------------------------------------- > This SF.net email is sponsored by: SF.net Giveback Program. > Does SourceForge.net help you be more productive? Does it > help you create better code? SHARE THE LOVE, and help us help > YOU! Click Here: http://sourceforge.net/donate/ > _______________________________________________ > Spamassassin-talk mailing list [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/spamassassin-talk > ------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
