Run 3.04 or 3.10 on a test machine for a few willing accounts. Once you
see if all your desired features seem to be working then roll it into
production.
Since Loren writes SARE rules and needs to see a version of the body
that matches what the body rules test against a feature that was in
2.64 and removed from 3.04 has magically reappeared in my version of
3.04. I also removed the silly tests designed to avoid wraps at 80
characters in reports. Other than that and selecting the correct rule
sets I've had no problems at all.)
{^_^}
----- Original Message -----
From: "Ronald I. Nutter" <[EMAIL PROTECTED]>
I am at 2.6.4. After seeing all the horror stories of upgrades and my
lesser
knowledge of Linux as compare to most on this forum, I was reluctant to
go forward with the upgrade.
Ron
--------------------------------------------------------------------
Ron Nutter [EMAIL PROTECTED]
Network Infrastructure & Security Manager
Information Technology Services (502)863-7002
Georgetown College
Georgetown, KY 40324-1696
--------------------------------------------------------------------
-----Original Message-----
From: Chris [mailto:[EMAIL PROTECTED]
On Thursday 15 September 2005 10:11 am, Ronald I. Nutter wrote:
I am trying to write a rule to block these based on subject line but
keep getting regex errors. It seems to be related to trying to put in
the [ character/symbol. Can someone provide an example of how they
did it?
Thanks,
Ron
Ron, these are caught with the standard rulesets, network tests and RBL
tests
here with SA 3.0.4:
Re[9]:
Content analysis details: (22.7 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
1.7 SARE_ADULT2 BODY: Contains adult material
0.0 HTML_MESSAGE BODY: HTML included in message
0.1 RAZOR2_CF_RANGE_51_100 BODY: Razor2 gives confidence level above 50%
[cf: 100]
3.5 BAYES_99 BODY: Bayesian spam probability is 99 to 100%
[score: 1.0000]
0.6 MY_XXX_BODY RAW: XXX terms in body.
0.0 MIME_QP_LONG_LINE RAW: Quoted-printable line longer than 76 chars
1.5 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
3.5 PYZOR_CHECK Listed in Pyzor (http://pyzor.sf.net/)
2.2 DCC_CHECK Listed in DCC (http://rhyolite.com/anti-spam/dcc/)
1.0 URIBL_SBL Contains an URL listed in the SBL blocklist
[URIs: efficacies.net]
1.5 URIBL_WS_SURBL Contains an URL listed in the WS SURBL blocklist
[URIs: efficacies.net]
3.2 URIBL_OB_SURBL Contains an URL listed in the OB SURBL blocklist
[URIs: efficacies.net]
3.0 URIBL_SC2_SURBL Has URI in SC2 at http://www.surbl.org/lists.html
[URIs: efficacies.net]
0.1 DIGEST_MULTIPLE Message hits more than one network digest check
1.0 SAGREY Adds 1.0 to spam from first-time senders
--
Chris
Registered Linux User 283774 http://counter.li.org
21:01:02 up 5 days, 9:13, 1 user, load average: 1.92, 1.20, 1.28 Mandriva
Linux 10.1 Official, kernel 2.6.8.1-12mdk
