Grayhat, Well that was interesting. My message came through with "(1)" in the sample header, where I had removed it. So, I see that you did not add it. That is weird. Did your copy of the message you sent come in with the "(1)" in it?
Michael Thomas Mathbox 978-687-3300 Toll Free: 1-877-MATHBOX (1-877-628-4269) > -----Original Message----- > From: Michael Thomas [mailto:[email protected]] > Sent: Sunday, January 02, 2011 12:11 PM > To: 'Grayhat'; 'ASSP development mailing list' > Subject: Re: [Assp-test] Enhancement Suggestion > > > Grayhat, > > > What about stripping off the *domain* of each URI and only adding it > > along with a "count" value ? I mean, something like > > > > X-Assp-Detected-URI(1): hotmail.com:5, bar.net:3, foo.org:7 > > Not sure where the "URI(1):" came from. If it is supposed to change, I > dislike that immensely. > > X-Assp-Detected-URI(1): hotmail.com:5, bar.net:3, foo.org:7 > > Well, that is certainly clean and easily parsed. I don't know > if ASSP has a > routine for limiting length of a header line. If domain list required > multiple lines, which version below do you like: > > Multiple Lines > ======================== > X-Assp-Detected-URI(1): hotmail.com:5, bar.net:3, foo.org:7 ... > X-Assp-Detected-URI(1): msn.com:5, google.net:3, people.org:7 ... > ======================== > > Indented Lines > ======================== > X-Assp-Detected-URI(1): hotmail.com:5, bar.net:3, foo.org:7 ... > msn.com:5, google.net:3, people.org:7 ... > ======================== > > > > only add header lines for bad URI's? > > > > Sounds like a *good* idea too :) > > Hmmm. ASSP already adds "bad" URI hits to the header along > with the points > it scored (AddURIBLHeader). > > By adding the code I added, my goal was too get a clean list > of the URI in > the message, so that they could be added to a URIBL. So, I > would certainly > want the "good" and "bad" URI listed. For me, if a URI is listed in a > trusted URIBL, the message gets rejected and never makes it > through ASSP. > So, I am only looking at messages that got through and I am > looking for any > URI. Also, while I use some of the public DNSBL and URIBL, I > also run my own > DNSBL and URIBL, which is the reason for collecting this information. > > Maybe two, possibly three, check boxes and two different headers: > > A checkbox for: > X-Assp-Detected-URI(1): lists "good" URI > > A checkbox for: > X-Assp-Listed-URI(1): lists "bad" URI > > A checkbox for: > Adding the envelope from domain in one of the two lists above. > > Currently, my script skips/protects the from: domain, which is usually > forged. I want the URI from the body. > > Michael Thomas > Mathbox > 978-687-3300 > Toll Free: 1-877-MATHBOX (1-877-628-4269) > > > -------------------------------------------------------------- > ---------------- > Learn how Oracle Real Application Clusters (RAC) One Node > allows customers > to consolidate database storage, standardize their database > environment, and, > should the need arise, upgrade to a full multi-node Oracle > RAC database > without downtime or disruption > http://p.sf.net/sfu/oracle-sfdevnl > _______________________________________________ > Assp-test mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/assp-test > > ------------------------------------------------------------------------------ Learn how Oracle Real Application Clusters (RAC) One Node allows customers to consolidate database storage, standardize their database environment, and, should the need arise, upgrade to a full multi-node Oracle RAC database without downtime or disruption http://p.sf.net/sfu/oracle-sfdevnl _______________________________________________ Assp-test mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-test
