On Mon, 8 Feb 2010, Adam Katz wrote:
I wrote:
My tests have been mildly successful on this note, with FROM_WWW
already getting promoted out of testing:
http://ruleqa.spamassassin.org/?rule=/FROM_Wsrcpath=khop
This indicates that we don't actually need to parse any further
because there is no
On Tue, 9 Feb 2010, John Hardin wrote:
On Mon, 8 Feb 2010, Adam Katz wrote:
Maybe it's just because I'm testing on the command line, but FROM_URI
appears to only fire if there's a character in front of the www.
portion.
It does. I'm explicitly targeting a quoted comment part. My rule is
Here's some more data for whatever it's worth.
Our spam reports box since Jan 25 shows this style in definite spam:
From: Get Cialis on www.wa93.com heirs...@imagina.es
From: Get Tamiflu on www.qa35.com inexpedie...@quantumtouch.nl
From: Cheap Tamiflu on www.nu36.com
On 08/02/2010 16:56, Joseph Brennan wrote:
Here's some more data for whatever it's worth.
Our spam reports box since Jan 25 shows this style in definite spam:
From: Get Cialis on www.wa93.com heirs...@imagina.es
From: Get Tamiflu on www.qa35.com inexpedie...@quantumtouch.nl
From: Cheap
I wrote:
My tests have been mildly successful on this note, with FROM_WWW
already getting promoted out of testing:
http://ruleqa.spamassassin.org/?rule=/FROM_Wsrcpath=khop
This indicates that we don't actually need to parse any further
because there is no sizable mass of legitimate mail
On Mon, 01 Feb 2010 12:09:24 -0500
Adam Katz antis...@khopis.com wrote:
Martin Gregorie wrote:
There was a recent suggestion that 'personal name' text from the
From: header should be included in the text examined by 'body'
rules, which already includes the Subject: text. This sounds like
Martin Gregorie wrote:
Apparently putting the spam's payload in the personal name part
of the From: header is as old a trick as putting it in the Subject:
header though I hadn't seen it used until recently.
There was a recent suggestion that 'personal name' text from the
From: header should
On Mon, 2010-02-01 at 12:09 -0500, Adam Katz wrote:
It might be nice to have the URI rule check From, Reply-to, and
Subject. We'd have to be careful so as to not include /all/ headers
as many different mailing lists use various headers for subscription
management and PGP systems often use
On Mon, 1 Feb 2010, Adam Katz wrote:
Martin Gregorie wrote:
Apparently putting the spam's payload in the personal name part
of the From: header is as old a trick as putting it in the Subject:
header though I hadn't seen it used until recently.
There was a recent suggestion that 'personal
People,
perhaps its simple to be done, but I personally would like to know the ways to
get rid of something like this:
-- Forwarded Message --
Subject: marty rizin g suppe r socio logy mason ing
Date: Friday 29 January 2010
From: Cheap Tamiflu on www.ra97.com
On 30/01/2010 13:35, Kārlis Repsons wrote:
People,
perhaps its simple to be done, but I personally would like to know the ways
to
get rid of something like this:
-- Forwarded Message --
Subject: marty rizin g suppe r socio logy mason ing
Date: Friday 29 January
From: KÄrlis Repsons karlis.reps...@gmail.com
Date: Sat, 30 Jan 2010 13:35:26 +
People,
perhaps its simple to be done, but I personally would like to know the ways
to
get rid of something like this:
Use pastebin and save the entire message including the headers instead
On Saturday 30 January 2010 13:51:18 Mike Cardwell wrote:
By forwarding the email the way you have, your email client has stripped
out most of the useful header information. Try pasting the message
including the full set of headers into http://spamalyser.com/ or
http://pastebin.com/ or similar
On Saturday 30 January 2010 13:54:14 Jeff Mincy wrote:
Retrain the message correctly in Bayes. Bayes will catch on to this
after a few times. The subject alone should be a strong enough clue
for bayes (I get BAYES_80 on this partial sample), so it looks like
you are doing only autolearn and
From: KÄrlis Repsons karlis.reps...@gmail.com
Date: Sat, 30 Jan 2010 14:07:16 +
On Saturday 30 January 2010 13:54:14 Jeff Mincy wrote:
Retrain the message correctly in Bayes. Bayes will catch on to this
after a few times. The subject alone should be a strong enough clue
On Sat, 2010-01-30 at 13:35 +, Kārlis Repsons wrote:
People,
perhaps its simple to be done, but I personally would like to know the ways
to
get rid of something like this:
Apparently putting the spam's payload in the personal name part of the
From: header is as old a trick as putting
The Postfix program
users@spamassassin.apache.org: host mx1.us.apache.org[140.211.11.136] said:
552 spam score (10.4) exceeded threshold (in reply to end of DATA command)
Karlis,
That's what the list said about my reply to you. I guess the (I was
going to write that
Am 30.01.2010 16:48, schrieb Jeff Mincy:
From: K�rlis Repsons karlis.reps...@gmail.com
Date: Sat, 30 Jan 2010 14:07:16 +
On Saturday 30 January 2010 13:54:14 Jeff Mincy wrote:
Retrain the message correctly in Bayes. Bayes will catch on to this
after a few times.
On Saturday 30 January 2010 15:48:36 Jeff Mincy wrote:
BAYES_99,DCC_CHECK,RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_FIVETEN_SPAM,RCVD_IN_NIX
SPAM,RCVD_IN_UCEPROTECT1,RCVD_IN_UCEPROTECT2,RCVD_IN_UCEPROTECT3,BOTNET,BOT
NET_BADDNS
Botnet/FIVETEN/NIXSPAM/UCEPROTECT are additional rules added.
-jeff
On 30/01/2010 17:14, Ralph Bornefeld-Ettmann wrote:
I couldn't figure out how to get an unadulterated version of the
message from the spamalyser.com link you posted in a previous message.
I tried this
wget -O - -q http://spamalyser.com/v/5cbffujq/original.txt
pastebin has a simple way to
On 30.1.2010 19:14, Ralph Bornefeld-Ettmann wrote:
in the Raw Message tab you can get the plain message
(http://spamalyser.com/v/5cbffujq/raw)
It's not raw message, it has a line number on each row.
--
http://www.iki.fi/jarif/
You may be recognized soon. Hide.
signature.asc
On Saturday 30 January 2010 16:55:54 Dale Carstensen wrote:
The Postfix program
users@spamassassin.apache.org: host mx1.us.apache.org[140.211.11.136]
said: 552 spam score (10.4) exceeded threshold (in reply to end of DATA
command)
Karlis,
That's what the list said
On Sat, 30 Jan 2010 19:25:15 +0200
Jari Fredriksson ja...@iki.fi wrote:
On 30.1.2010 19:14, Ralph Bornefeld-Ettmann wrote:
in the Raw Message tab you can get the plain message
(http://spamalyser.com/v/5cbffujq/raw)
It's not raw message, it has a line number on each row.
Click on
From: Ralph Bornefeld-Ettmann ilike...@bornefeld-ettmann.de
Date: Sat, 30 Jan 2010 18:14:10 +0100
Am 30.01.2010 16:48, schrieb Jeff Mincy:
From: KÄrlis Repsons karlis.reps...@gmail.com
Date: Sat, 30 Jan 2010 14:07:16 +
On Saturday 30 January 2010
From: KÄrlis Repsons karlis.reps...@gmail.com
Date: Sat, 30 Jan 2010 17:20:23 +
On Saturday 30 January 2010 15:48:36 Jeff Mincy wrote:
BAYES_99,DCC_CHECK,RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_FIVETEN_SPAM,RCVD_IN_NIX
25 matches
Mail list logo