Re: some weight for 12-letter 2nd level labels

[ 3rd attempt to send this message; without it being rejected by apache.org for being spam... ] I picked two of those domains at random: [r...@vm2 tmp]# host -t TXT trigasplumet.net.fresh.spameatingmonkey.net trigasplumet.net.fresh.spameatingmonkey.net descriptive text "Domain first seen 2010-

Re: some weight for 12-letter 2nd level labels

no wrap on my 20" screen, sorry for the wrap here. high-rate 12-letter sender domains: hold:'s for excessive sender per unknown client IP egrep -i "postfix.*hold: .*CLIENT_" /var/log/maillog | egrep -i unknown | awk '{print $10,$(NF-3), $NF}' | sort -f | uniq -ic | sort -t[ -k2 | sed -e 's/\[/

Re: some weight for 12-letter 2nd level labels

On Tue, 31 Aug 2010, Len Conrad wrote: -- Original Message -- From: John Hardin Date: Tue, 31 Aug 2010 08:20:33 -0700 (PDT) On Tue, 31 Aug 2010, Len Conrad wrote: At 12:41 AM 8/31/2010, you wrote: On Mon, 30 Aug 2010, Len Conrad wrote: for 1. rej

Re: some weight for 12-letter 2nd level labels

> > > 1. rejects of high-rate @sender.garbage.domain or rhsbl garbage domains > > Can you provide a sample of each pls? > > My msg had nearly 250+ examples of 12-letter .tld Twelve? spamassassin.org. Doh! :) -- char *t="\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4"; main(

Re: some weight for 12-letter 2nd level labels

-- Original Message -- From: John Hardin Date: Tue, 31 Aug 2010 08:20:33 -0700 (PDT) >On Tue, 31 Aug 2010, Len Conrad wrote: > >> At 12:41 AM 8/31/2010, you wrote: >>> On Mon, 30 Aug 2010, Len Conrad wrote: >>> for 1. rejects of high-rate @s

Re: some weight for 12-letter 2nd level labels

On Tue, 31 Aug 2010, Len Conrad wrote: At 12:41 AM 8/31/2010, you wrote: On Mon, 30 Aug 2010, Len Conrad wrote: for 1. rejects of high-rate @sender.garbage.domain or rhsbl garbage domains Can you provide a sample of each pls? My msg had nearly 250+ examples of 12-letter .tld But it had

Re: some weight for 12-letter 2nd level labels

At 12:41 AM 8/31/2010, you wrote: >On Mon, 30 Aug 2010, Len Conrad wrote: > >>for >> >>1. rejects of high-rate @sender.garbage.domain or rhsbl garbage domains > >Can you provide a sample of each pls? My msg had nearly 250+ examples of 12-letter .tld Len >Detecting either of those _should_ be t

Re: some weight for 12-letter 2nd level labels

On Mon, 30 Aug 2010, Len Conrad wrote: for 1. rejects of high-rate @sender.garbage.domain or rhsbl garbage domains Can you provide a sample of each pls? Detecting either of those _should_ be trivial, but I'd like to see a sample before suggesting rules. -- John Hardin KA7OHZ

some weight for 12-letter 2nd level labels

for 1. rejects of high-rate @sender.garbage.domain or rhsbl garbage domains or 2. hold: for high-rate @sender.domain, here is the distribution of qty of letters in the 2nd level label for preceding 10 days: 9 chars: 34 domains 10 : 30 11 : 23 12 : 180 13 : 16 14 : 15 Which corresponds t