On Thu, Feb 01, 2007 at 10:14:08AM -0500, Kevin A. McGrail wrote: > This test (below) looks to me to be designed to catch all spam 0000.gif > through 9999.gif? If so I would say the false positives are going to be > pretty high even without running it through a corpus. Certainly it has a > high enough potential for FPs that a score of 3.2 is not appropriate.
It's also a full rule which makes it horrible. Look at the mimeheader rules which already look at graphic attachment filenames. -- Randomly Selected Tagline: "Unfortunately, the "Can't write utmp, wtmp" message, or any other variation is a symptom with a myriad of possible causes. The causes could range from a bad utmp or wtmp entry to the wind blowing slightly to the north." - Paul Carver
pgpInejvsTFMl.pgp
Description: PGP signature
