Can you put a T_ rule in your sandbox or send me something to grep and I'll search my ham/spam? -- Kevin A. McGrail Member, Apache Software Foundation Chair Emeritus Apache SpamAssassin Project https://www.linkedin.com/in/kmcgrail - 703.798.0171
On Sat, Mar 13, 2021 at 11:38 PM John Hardin <[email protected]> wrote: > On Sat, 13 Mar 2021, Kevin A. McGrail wrote: > > > If you have spamples and they aren't able to be blocked otherwise, a 4tld > > is certainly something to consider. > > I have a ruleset generated from my spam corpus in my sandbox. But that's > just based on the (relative) trickle of spam me and my wife get. > > They hav quieted down recently. I don't know whether it's because that > technique isn't working out, or they just haven't targeted me lately. > > > -- > > Kevin A. McGrail > > Member, Apache Software Foundation > > Chair Emeritus Apache SpamAssassin Project > > https://www.linkedin.com/in/kmcgrail - 703.798.0171 > > > > > > On Fri, Jan 22, 2021 at 11:55 AM John Hardin <[email protected]> wrote: > > > >> Folks: > >> > >> I've been seeing more frequently lately phishing that leverages web apps > >> hosted by Google and Microsoft as a collection point. > >> > >> I couple of days ago I added firebaseapp.com and web.app to the default > >> util_rb_2tld list to cover firebase apps hosted by Google. > >> > >> I've just seen a couple of phishes leveraging MS Azure web apps: > >> > >> multadetrafico.eastus.cloudapp.azure.com > >> > >> multapendente.westus2.cloudapp.azure.com > >> > >> Unfortunately these can't be added as they have an Azure zone in the > >> fourth position and we don't have a util_rb_4tld directive... > >> > >> So, topic for discussion: do we need to add a util_rb_4tld for this? > >> > >> Related: does URIBL register names that deep? > > -- > John Hardin KA7OHZ http://www.impsec.org/~jhardin/ > [email protected] pgpk -a [email protected] > key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 > ----------------------------------------------------------------------- > Failure to plan ahead on someone else's part does not constitute > an emergency on my part. -- David W. Barts in a.s.r > ----------------------------------------------------------------------- > Tomorrow: Daylight Saving Time begins in U.S. - Spring Forward >
