Re: [Declude.JunkMail] A slight increase in spam not getting caught thanks to Network Solutions

[Matthew Bramble]

I think a better filter might be: BODY        1000000    CONTAINS verisign HEADERS        1000000    CONTAINS verisign HELO        1000000    CONTAINS verisign MAILFROM    1000000    CONTAINS verisign REMOTEIP    1000000    CONTAINS verisign REVDNS        1000000    CONTAINS verisign ALLRECIPS    1000000    CONTAINS verisign SUBJECT        1000000    CONTAINS verisign and don't forget obfuscation... BODY        1000000    CONTAINS v-e-r-i-s-i-g-n BODY        1000000    CONTAINS v.e.r.i.s.i.g.n BODY        1000000    CONTAINS vérisign BODY        1000000    CONTAINS verlslgn Matt :) Bill Landry wrote: Oops, never mind, that's not going to work. Hmmm, back to the drawing board on this one... Bill ----- Original Message ----- From: "Bill Landry" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, September 15, 2003 7:18 PM Subject: Re: [Declude.JunkMail] A slight increase in spam not getting caught thanks to Network Solutions For now I've added: REVDNS 10 ENDSWITH sitefinder-idn.verisign.com to at least be able to add some weight to e-mail messages that use bogus domain names and resolve RDNS for 64.94.110.11 to sitefinder-idn.verisign.com. Bill ----- Original Message ----- From: "R. Scott Perry" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, September 15, 2003 4:32 PM Subject: [Declude.JunkMail] A slight increase in spam not getting caught thanks to Network Solutions Just so people are aware, Network Solutions just hours ago made the dumb move of making all unregistered domains point to their web site. As a result, very little E-mail will fail the MAILFROM test in Declude JunkMail (only E-mail from addresses on recently expired domains, and domains not handled by Network Solutions will still fail). Fortunately, the MAILFROM test only caught about 2% of all spam, but it was an extremely reliable test. -Scott