jdow wrote:
One that made it through here had no URLs in the body, a LOT of HTML
formatting, and hit HTML_IMAGE_RATIO_06, a very low scoring rule.
The HTML formatting is excessive use of this long string for
individually formatting small chunks of text which are then covered
by the
How about sending 450 Please Try later to ever mail with an inline
image and then somehow verify if it really comes back. (Obviously not my
original idea :-) )
How many spams would really comeback. max 20% .. those which are routed
thru zombies
Thanks
Ram
Dear Group Member,
Can anyone explian me the clear definition of SPAM and HAM
regards
Dear Group Member,
Can anyone explian me the clear definition of SPAM and HAM
Yes. I'm sure quite a few people can.
Loren
On Tuesday 01 August 2006 07:24, sokka wrote:
Dear Group Member,
Can anyone explian me the clear definition of SPAM and HAM
Spam is spam. Ham ain't. What's the problem?
--
Gary G. Taylor * Pomona, CA * 34.07°N 117.75°W
[EMAIL PROTECTED] * http://www.donavan.org
SPAM is canned HAM... HAM is the backside of any animal, typically the meat
made from that part, though the shoulder part is also referred to as HAM.
Eating to much HAM will make you fat and too lazy to search archives, wikipedia
or google...
-Sietse
On Tue, 1 Aug 2006, Ramprasad wrote:
How about sending 450 Please Try later to ever mail with an
inline image and then somehow verify if it really comes back.
(Obviously not my original idea :-) )
The problem there, again, is that you've already used the bandwidth
and system resources
This message was stopped , and I'm not really sure what triggered the Diploma
Mill rule
The sender is legitimate (UNFPA.org) and I read the message it seems* ok
sorry to read about your tooth. i lost two upper fronts
due to bicycle accident some 27 years ago. I fell, hit a rock right
John D. Hardin wrote:
On Tue, 1 Aug 2006, Ramprasad wrote:
How about sending 450 Please Try later to ever mail with an
inline image and then somehow verify if it really comes back.
(Obviously not my original idea :-) )
The problem there, again, is that you've already used the bandwidth
and
At 09:45 AM 8/1/2006, you wrote:
This message was stopped , and I'm not really sure what triggered the Diploma
Mill rule
The sender is legitimate (UNFPA.org) and I read the message it seems* ok
sorry to read about your tooth. i lost two upper fronts
due to bicycle accident some 27
On Tue, Aug 01, 2006 at 09:24:55AM -0700, John D. Hardin wrote:
How many spams would really comeback. max 20%
There is a much lighter-weight and more global way to achieve that:
standard greylisting.
Well, until greylisting becomes enough of a problem that the spammers change
their software
Theo Van Dinter wrote:
On Mon, Jul 31, 2006 at 04:11:43PM -0700, Ken A wrote:
These image spams are not easy to stop. I'm finally getting them with a
'full' rule matching a string that is common in the base64 encoded image
part. I'm sure the image will change friday and break my rule for
\| great!
|
| Is there any other way to match ascii in a base64 encoded part than by
| using a full rule with SpamAssassin?
|
| Thanks,
|
| Ken A
| Pacific.Net
|
Ditto
Brian
Jim Maul wrote:
John D. Hardin wrote:
On Tue, 1 Aug 2006, Ramprasad wrote:
How about sending 450 Please Try later to ever mail with an
inline image and then somehow verify if it really comes back.
(Obviously not my original idea :-) )
The problem there, again, is that you've already
Ken A wrote:
Jim Maul wrote:
John D. Hardin wrote:
On Tue, 1 Aug 2006, Ramprasad wrote:
How about sending 450 Please Try later to ever mail with an
inline image and then somehow verify if it really comes back.
(Obviously not my original idea :-) )
The problem there, again, is that
- Original Message -
From: Jim Maul [EMAIL PROTECTED]
John D. Hardin wrote:
On Tue, 1 Aug 2006, Ramprasad wrote:
How about sending 450 Please Try later to ever mail with an
inline image and then somehow verify if it really comes back.
(Obviously not my original idea :-) )
The
On Tue, 1 Aug 2006, Jim Maul wrote:
There is a much lighter-weight and more global way to achieve that:
standard greylisting.
Im curious how many organizations that arent ISPs are using some sort of
greylisting. Do your users complain when the email they sent to a
fellow employee 17
On Tue, 1 Aug 2006, Theo Van Dinter wrote:
On Tue, Aug 01, 2006 at 09:24:55AM -0700, John D. Hardin wrote:
How many spams would really comeback. max 20%
There is a much lighter-weight and more global way to achieve that:
standard greylisting.
Well, until greylisting becomes enough of
Words by negativescore [Mon, Jul 31, 2006 at 04:40:00PM -0700]:
Hello all,
How do I assign a negative score to BAYES_00? I use cpanel online, and
when
I enter a negative score, such as -3.0, it registers as no score at
all--just blank space in the score cell.
Please
On Aug 1, 2006, at 9:53 AM, Theo Van Dinter wrote:
On Tue, Aug 01, 2006 at 09:24:55AM -0700, John D. Hardin wrote:
How many spams would really comeback. max 20%
There is a much lighter-weight and more global way to achieve that:
standard greylisting.
Well, until greylisting becomes enough
At 10:23 AM 8/1/2006, you wrote:
Maybe, but with a sense of humour. And he (his MUA more likely) can
quote properly.
AOL.
Many a list I'm on have an AOLDiot. One of them didn't quote at all.
So in a thread with hundreds of replies, he'd chime in with Great
idea! I agree! and no one had any
On Tue, 1 Aug 2006, John Rudd wrote:
They don't really even have to queue. They just have to retry.
...
It's a lightweight solution to getting around greylisting.
Crap. That's good.
I suppose one way around it might be to hardfail if the far end is
retrying too quickly or too many times
On Tue, 1 Aug 2006, John D. Hardin wrote:
On Tue, 1 Aug 2006, Ramprasad wrote:
How about sending 450 Please Try later to ever mail with an
inline image and then somehow verify if it really comes back.
If some spammer MTAs are going to only try delivery once, why expend
heavy resources on
On Tue, 01 Aug 2006, Theo Van Dinter wrote:
On Tue, Aug 01, 2006 at 09:24:55AM -0700, John D. Hardin wrote:
...
Well, until greylisting becomes enough of a problem that the spammers change
their software to queue and retry, thereby eliminating the benefit completely.
Or even simply send spam
I'm writing a paper that I'm submitting to an Internet Governance Forum
of the United Nations. Keeping in mind that free speech and freedom is
important, what would you change in the world to stop spam? I'm looking
for things that are actually possible and practical. Suggestions can be
On Mon, 31 Jul 2006, Steve Martin prattled cheerily:
I'm seeing lots of errors like the following recently...
spamd[945]: (?:(?=[\s,]))* matches null string many times in regex; marked
by -- HERE in m/\G(?:(?=[\s,]))* -- HERE \Z/ at
/System/ Library/Perl/5.8.6/Text/Wrap.pm line 46.\n
A reliable DUL list would be good. If it were possible to determine if
an incoming STMP connection were coming from a server or an end user,
that might help get rid of the problem of spam from zombie PCs, which
seems to be a big part of the spam we get. Perhaps ISPs could be
persuaded to publish
On Mon, 31 Jul 2006, negativescore gibbered uncontrollably:
Find a floppy disk. Format it. Move cpanel over to the floppy disk.
Remove the floppy disk from the system. Wrap the floppy in alternating
layers of foil, lead is best, and parafin until it is about 6 thick.
Save it until the next
On Mon, 31 Jul 2006, [EMAIL PROTECTED] murmured woefully:
Find a floppy disk. Format it. Move cpanel over to the floppy disk.
Remove the floppy disk from the system. Wrap the floppy in alternating
layers of foil, lead is best, and parafin until it is about 6 thick.
Save it until the next full
At 12:56 PM 8/1/2006, you wrote:
I'm writing a paper that I'm submitting to an Internet Governance
Forum of the United Nations. Keeping in mind that free speech and
freedom is important, what would you change in the world to stop spam?
Turning Spamming into a capital offense punishable by
Evan Platt wrote:
Turning Spamming into a capital offense punishable by death would be a
good start. :-D
Now I'm trying to figure out what a capital offense would be that
*isn't* punishable by death...
--
The Ninja Dude. Striking spam from the shadows.
Please, don't send mail to [EMAIL
Evan Platt wrote:
At 12:56 PM 8/1/2006, you wrote:
I'm writing a paper that I'm submitting to an Internet Governance
Forum of the United Nations. Keeping in mind that free speech and
freedom is important, what would you change in the world to stop spam?
Turning Spamming into a capital
From: Jose Celestino [EMAIL PROTECTED]
Words by negativescore [Mon, Jul 31, 2006 at 04:40:00PM -0700]:
Hello all,
How do I assign a negative score to BAYES_00? I use cpanel online, and
when
I enter a negative score, such as -3.0, it registers as no score at
all--just blank space
On Tuesday 01 August 2006 14:16, Ninja Dude wrote:
Evan Platt wrote:
Turning Spamming into a capital offense punishable by death would be a
good start. :-D
Now I'm trying to figure out what a capital offense would be that
*isn't* punishable by death...
Using the wrong case on the
At 01:16 PM 8/1/2006, you wrote:
Evan Platt wrote:
Turning Spamming into a capital offense punishable by death would
be a good start. :-D
Now I'm trying to figure out what a capital offense would be that
*isn't* punishable by death...
O yeah huh,
Department of redundancy department.
Marc Perkel wrote:
I'm writing a paper that I'm submitting to an Internet Governance Forum
of the United Nations. Keeping in mind that free speech and freedom is
important, what would you change in the world to stop spam? I'm looking
for things that are actually possible and practical.
On Tue, Aug 01, 2006 at 04:07:38PM -0400, Rosenbaum, Larry M. wrote:
A reliable DUL list would be good. If it were possible to determine if
an incoming STMP connection were coming from a server or an end user,
that might help get rid of the problem of spam from zombie PCs, which
seems to be a
From: Marc Perkel [EMAIL PROTECTED]
I'm writing a paper that I'm submitting to an Internet Governance Forum
of the United Nations. Keeping in mind that free speech and freedom is
important, what would you change in the world to stop spam? I'm looking
for things that are actually possible and
Theo Van Dinter wrote:
On Tue, Aug 01, 2006 at 04:07:38PM -0400, Rosenbaum, Larry M. wrote:
A reliable DUL list would be good. If it were possible to determine if
an incoming STMP connection were coming from a server or an end user,
that might help get rid of the problem of
On Tue, 01 Aug 2006 12:56:27 -0700, Marc Perkel [EMAIL PROTECTED]
opined:
I'm writing a paper that I'm submitting to an Internet Governance
Forum of the United Nations. Keeping in mind that free speech and
freedom is important, what would you change in the world to stop
spam? I'm looking for
Am running SpamAssassin 3.1.2 on Windows 2003 server.
This is an extract from the headers of an incoming email.
This triggered the MISSING_SUBJECT Missing Subject: header rule.
Why did this not detect the subject header?
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class:
On Aug 1, 2006, at 12:56, Marc Perkel wrote:
I'm writing a paper that I'm submitting to an Internet Governance
Forum of the United Nations. Keeping in mind that free speech and
freedom is important, what would you change in the world to stop spam?
I'm looking for things that are actually
On Aug 1, 2006, at 13:41, Marc Perkel wrote:
Theo Van Dinter wrote:On Tue, Aug 01, 2006 at 04:07:38PM -0400,
Rosenbaum, Larry M. wrote:
A reliable DUL list would be good. If it were possible to determine
if
an incoming STMP connection were coming from a server or an end user,
that
On Tue, 1 Aug 2006, John D. Hardin wrote:
On Tue, 1 Aug 2006, John Rudd wrote:
They don't really even have to queue. They just have to retry.
It's a lightweight solution to getting around greylisting.
Crap. That's good.
Yeah, it would be a very simple way of getting around
On Tue, Aug 01, 2006 at 04:33:39PM -0500, Logan Shaw wrote:
However, don't assume that it kills the benefit of greylisting
completely: if you can delay processing that questionable
message for 30 minutes or an hour, that greatly increases the
chances it will end up on a realtime blacklist of
On Tue, 2006-08-01 at 17:49 -0400, Theo Van Dinter wrote:
Except now you've also delayed your valid mail by 30 minutes or an hour
which sucks (and is sometimes completely unacceptable).
True though it would be more accurate to say that you've delayed some of
your valid mail by 30 minutes to an
On Tue, 2006-08-01 at 17:49 -0400, Theo Van Dinter wrote:
Except now you've also delayed your valid mail by 30 minutes or an hour
which sucks (and is sometimes completely unacceptable).
True though it would be more accurate to say that you've delayed some of
your valid mail by 30
From: Nix [EMAIL PROTECTED]
On Mon, 31 Jul 2006, negativescore gibbered uncontrollably:
Find a floppy disk. Format it. Move cpanel over to the floppy disk.
Remove the floppy disk from the system. Wrap the floppy in alternating
layers of foil, lead is best, and parafin until it is about 6
From: Theo Van Dinter [EMAIL PROTECTED]
===8--- Theo's note
A possibly better method is to block SMTP outbound from the ISP. There was a
paper at LISA '05 IIRC about dynamically blocking outbound SMTP based on
connection rates. Something about how infected/spam relay hosts have a large
number
On Aug 1, 2006, at 14:06, John Rudd wrote:
5) Require ISP's to channel their customer's email through their own
mail servers (which will have some impact upon SPF tracking as well)
and not allow any non-business customers, nor any dynamic customers
(business or commercial), to directly
On Mon, 31 Jul 2006, Derek Harding wrote:
rawbody INLINE_IMAGE/src\s*=\s*[']cid:/i
describe INLINE_IMAGE Inline Images
score INLINE_IMAGE 1.5
I haven't tested this against the SA corpus so YMMV.
Anyone else find this to be a good rule to catch these image stock spams
without too much
From: Rob Mangiafico [EMAIL PROTECTED]
On Mon, 31 Jul 2006, Derek Harding wrote:
rawbody INLINE_IMAGE/src\s*=\s*[']cid:/i
describe INLINE_IMAGE Inline Images
score INLINE_IMAGE 1.5
I haven't tested this against the SA corpus so YMMV.
Anyone else find this to be a good rule to catch
1) use Martin Blapp's OCR plugin/patch for SA. feed data to bayes.
http://antispam.imp.ch/patches/patch-ocrtext
2) to combat the images with subtle differences, develop a checksum
method that ignores the lower (3 or 4 bits? out of 8 bits) of each
color channel. That way you get what is
On Tue, 1 Aug 2006, John Rudd wrote:
Not directly stopping spam, but helping to close holes that are
manipulated by spammers, and make it easier to track them:
1) Require Virus Scanning on all SMTP transactions, on the recipient's
side of the transaction (ie. the Server) (to help minimize
Here's an early draft:
The Problem with Spam on the Internet
As Secretary General Kofi Annan said, In its short life, the
Internet has become an agent of dramatic, even revolutionary change and
maybe one of today's greatest instruments of progress. It is a
marvelous tool to promote and
On Tue, 1 Aug 2006, Theo Van Dinter wrote:
Except now you've also delayed your valid mail by 30 minutes or an
hour which sucks (and is sometimes completely unacceptable).
Repeat after me: Email is a non-guaranteed, Best Attempt delivery
mechanism. There may be delays.
--
John Hardin KA7OHZ
On Aug 1, 2006, at 18:16, John D. Hardin wrote:
On Tue, 1 Aug 2006, John Rudd wrote:
Not directly stopping spam, but helping to close holes that are
manipulated by spammers, and make it easier to track them:
1) Require Virus Scanning on all SMTP transactions, on the recipient's
side of the
On Tue, 2006-08-01 at 18:02 -0700, jdow wrote:
From: Rob Mangiafico [EMAIL PROTECTED]
On Mon, 31 Jul 2006, Derek Harding wrote:
rawbody INLINE_IMAGE/src\s*=\s*[']cid:/i
describe INLINE_IMAGE Inline Images
score INLINE_IMAGE 1.5
I haven't tested this against the SA corpus so
On Aug 1, 2006, at 6:31 PM, John Rudd wrote:
On Aug 1, 2006, at 18:16, John D. Hardin wrote:
On Tue, 1 Aug 2006, John Rudd wrote:
Not directly stopping spam, but helping to close holes that are
manipulated by spammers, and make it easier to track them:
1) Require Virus Scanning on all
On Aug 1, 2006, at 6:54 PM, John D. Hardin wrote:
On Tue, 1 Aug 2006, jdow wrote:
From: Marc Perkel [EMAIL PROTECTED]
Allowing IMAP/POP to Send Email
Nonsense.
...is there an echo in here? ;)
Having also said the same thing ... Doesn't part of Microsoft's
extension to IMAP
2) to combat the images with subtle differences, develop a checksum
method that ignores the lower (3 or 4 bits? out of 8 bits) of each color
channel. That way you get what is essentially a very high
Won't work. White on black and black on white are both quite readable, and
will fail the
A little bit sorry for the top-post ... but .. Re: Kofi Annan's quote
from the post dated today at around 6:20 PM PST:
The problem has risen to a level requiring that the United Nations be
aware of the issue and to take steps to address the problem.**
I simply do not agree. The U.N. has far
On Aug 1, 2006, at 8:55 PM, Loren Wilton wrote:
2) to combat the images with subtle differences, develop a checksum
method that ignores the lower (3 or 4 bits? out of 8 bits) of each
color channel. That way you get what is essentially a very high
Won't work. White on black and black on
On Tue, 1 Aug 2006, John Rudd wrote:
On Aug 1, 2006, at 6:54 PM, John D. Hardin wrote:
On Tue, 1 Aug 2006, jdow wrote:
From: Marc Perkel [EMAIL PROTECTED]
Allowing IMAP/POP to Send Email
Nonsense.
...is there an echo in here? ;)
Having also said the same thing ...
Yes, but given the opportunity to issue a useless proclamation over such an
innane topic; how can they possibly resist!
RO
- Original Message -
From: James [EMAIL PROTECTED]
To: users@spamassassin.apache.org
Sent: Tuesday, August 01, 2006 9:05 PM
Subject: Re: What changes would you
On Tuesday 01 August 2006 11:56, Marc Perkel wrote:
I'm writing a paper that I'm submitting to an Internet Governance Forum
of the United Nations.
What's the point of that?
Unless there's a kickback in it for Koffie's son, its just a waste of effort,
like virtually every thing else the UN
On Tuesday 01 August 2006 12:41, Marc Perkel wrote:
I think that end users shouldn't be using SMTP at all. I think SPTM
should be a server to server protocol and that the POP/IMAP protocol
should be modified to allow sending outgoing email over the same
connection that mail comes in over.
The
Rob Mangiafico wrote:
Anyone else find this to be a good rule to catch these image stock spams
without too much collateral damage?
After writing this I did some checks on the SA public corpus. The rule
didn't hit on any of the hard ham. It didn't hit much of the spam either
since very
4a) maybe generalize #4 to include various other RFC issues (matching
PTR and A records is an RFC requirement, after all), such as the things
tracked at RFC-Ignorant
Less feasible, too many players.
How about: domain registrars are required to block any domain they
have registered
On Aug 1, 2006, at 9:32 PM, John D. Hardin wrote:
On Tue, 1 Aug 2006, John Rudd wrote:
On Aug 1, 2006, at 6:54 PM, John D. Hardin wrote:
On Tue, 1 Aug 2006, jdow wrote:
From: Marc Perkel [EMAIL PROTECTED]
Allowing IMAP/POP to Send Email
Nonsense.
...is there an echo in here?
On Tuesday 01 August 2006 17:20, Marc Perkel wrote:
As Secretary General Kofi Annan said, In its short life,
Oh, right, DO START with a little ass kissing
That always helps. The fact the he can't remember saying it, or even having a
coherent thought on the subject in his entire life need
John Rudd wrote:
Um, how exactly will they fail?
How about a nice black white speckled image with red text on it?
BTW I think the OCR approach is unlikely to succeed due to processing
constraints.
Derek
On Tuesday 01 August 2006 17:49, John D. Hardin wrote:
Please don't pollute the IMAP and POP protocols this way. The problem
can be easily solved with no changes to existing tools if the ISP
blocks all outbound SMTP from their dynamic client ranges and requires
SMTP AUTH via their mail servers
Please don't pollute the IMAP and POP protocols this way.
POP3 XTND XMIT submission extensions already polluted POP3 many
years ago, supported by many thousands of servers (tho' not
necessarily enabled).
--Sandy
MAPI. [is]..implemented over DCE/RPC (i.e. LAN-only).
Maybe a nit... but technically not LAN-only using ncacn_http.
--Sandy
75 matches
Mail list logo