On Sun, 2011-03-06 at 13:07 -0500, [email protected] wrote:
> RCVD_IN_DNSWL_MED:
> SPAM%
> 0.3363 bb-guenther_fraud
> 0.3109 bb-jhardin_fraud
> 0.0550 <- average
I just checked mine -- sure enough, yes, they ARE spam.
Both above are hand-classified corpora exclusively containing fraud.
Intended for the Sought Fraud rule-set. Especially fraud is commonly
sent via cracked accounts, including a high percentage of web-mail
accounts.
There are 6 fraud spam in my corpus, originally received via a system
listed in DNSWL, 5 unique systems. 2 systems listed MED (3 spams), 3
systems listed LOW (of which one has been downgraded to NONE since).
4 out of these 6 scams (3 out of 5 unique systems) are universities.
The majority of them seems to have been sent from Outlook, and/or abused
MS Exchange systems. Also kind of noteworthy, a good portion of them
*tried* spam-filtering their outgoing mail, but quite clearly failed.
> I'm really curious how other people think spam from mailing lists should be
> handled.
I do not even scan them. In my mix, there is only a single, rather
special mailing list, which is open. No spam on the other lists.
--
char *t="\10pse\0r\0dtu\0.@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
