On Mon, Feb 05, 2007 at 02:27:18PM -0600, Doc Schneider wrote: > >http://hasle.progenyid-com <http://hasle.progenyid-com/> > Are you using SA 3.1.7? If so, do an sa-update there is a new rule that > should be catching these and all mutations.
Three things. First, the spammer has gotten smarter and is using valid hostname chars for obfuscation now. Which makes things much harder (though I have the start of some code which deals with this). Second, the current extra rule will not catch these due to the aforementioned issue. Third, the rule is available via sa-update for 3.1.x (where x >= 1), so while upgrading to 3.1.7 would be good (3.1.8 coming out soon, btw,) it's not necessary. -- Randomly Selected Tagline: Cat \kat'\ n. 1: A dog with an attitude problem
pgp856N7Uc1L2.pgp
Description: PGP signature
