Re: some custom ruleset rule info please
On Fri, 2008-02-29 at 09:43 -0800, Robert - elists wrote: In regards to backhair.cf backhair is a set of rules designed to catch those ugly, unsightly HTML tags. Created by: Jennifer Wheeler are unsightly HTML tags just referring to basic HTML coding or something else we should better understand as spam fighting warriors If I understand your question correctly... The latter. Obfuscation. You did have a look at the rules file and the rules description, right? It's about injected HTML tags inside words or to hide part of the gibberish as a means of preventing plain word matching, IIRC. It's been a while, but if memory serves me right, Jennifer picked the rules name, because these stand out like, well, backhair. ;) Anyway, why are you asking? You're not pondering to use it, are you? guenther -- char *t=[EMAIL PROTECTED]; main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;il;i++){ i%8? c=1: (c=*++x); c128 (s+=h); if (!(h=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
Re: some custom ruleset rule info please
On Fri, 2008-02-29 at 19:57 +0100, Karsten Bräckelmann wrote: On Fri, 2008-02-29 at 09:43 -0800, Robert - elists wrote: backhair is a set of rules designed to catch those ugly, unsightly HTML tags. Created by: Jennifer Wheeler are unsightly HTML tags just referring to basic HTML coding or something else we should better understand as spam fighting warriors If I understand your question correctly... The latter. Obfuscation. You did have a look at the rules file and the rules description, right? It's about injected HTML tags inside words or to hide part of the gibberish as a means of preventing plain word matching, IIRC. It's been Meep. Nope, it is words obfuscated by nonsense html tags, as mentioned at the location pointed to by CustomRulesets. So I overlooked that link, and while I had a glimpse at the REs I overlooked the negation in the lookahead. *sigh* Time to go look at something else than a screen... a while, but if memory serves me right, Jennifer picked the rules name, because these stand out like, well, backhair. ;) Anyway, why are you asking? You're not pondering to use it, are you? This stands. :) guenther -- char *t=[EMAIL PROTECTED]; main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;il;i++){ i%8? c=1: (c=*++x); c128 (s+=h); if (!(h=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
RE: some custom ruleset rule info please
If I understand your question correctly... The latter. Obfuscation. You did have a look at the rules file and the rules description, right? It's about injected HTML tags inside words or to hide part of the gibberish as a means of preventing plain word matching, IIRC. It's been a while, but if memory serves me right, Jennifer picked the rules name, because these stand out like, well, backhair. ;) Anyway, why are you asking? You're not pondering to use it, are you? guenther Thank you for the info I looked at the file, yet as a rule making novice it didn't mean a lot to me so I wondered what it does. Yes, I was wondering if it was a good idea to include this ruleset. Should backhair.cf *not* be used anymore with SA or latest SA 3.2.4 or ??? Thanks! - rh
RE: some custom ruleset rule info please
On Fri, 2008-02-29 at 13:27 -0800, Robert - elists wrote: Anyway, why are you asking? You're not pondering to use it, are you? I looked at the file, yet as a rule making novice it didn't mean a lot to me so I wondered what it does. Yes, I was wondering if it was a good idea to include this ruleset. Where did you find that ruleset? from http://wiki.apache.org/spamassassin/CustomRulesets Note: SA 3.0.0 documentation indicates that much of this rule set has been incorporated into that version. This file is unnecessary with SA 3.0.0. Should backhair.cf *not* be used anymore with SA or latest SA 3.2.4 or ??? Not with any 3.x version. guenther -- char *t=[EMAIL PROTECTED]; main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;il;i++){ i%8? c=1: (c=*++x); c128 (s+=h); if (!(h=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
RE: some custom ruleset rule info please
Not with any 3.x version. guenther :-) Oops, my fault... I missed that part even though I was looking for it What about this Chinese ruleset, anyone in the USA using it to help with occasional or massive incoming foreign spam? I would guess it puts quite a load on the system eh? :-0 Chinese Rules Rules to catch spams written in Chinese. Created by: Quang-Anh Tran, at CCERT Anti-Spam Team Contact: [EMAIL PROTECTED] License Type: Apache License Status: Active Available at: http://www.ccert.edu.cn/spam/sa/Chinese_rules.cf More information (in Chinese): http://www.ccert.edu.cn/spam/sa/Chinese_rules.htm Note : Rules and scores are updated once a week by using spams reported to the anti-spam service of CCERT in the last 3 months. Sample Results: MasscheckChineserules - rh
ok_locales (was: Re: some custom ruleset rule info please)
On Fri, 2008-02-29 at 14:42 -0800, Robert - elists wrote: What about this Chinese ruleset, anyone in the USA using it to help with occasional or massive incoming foreign spam? Is there any particular need for additional rules, or are you just fishing for fun? That's quite a jump from backhair... Anyway, do you speak or read Chinese? Japanese, Korean, any Cyrillic language or Thai? I haven't had a look at that particular custom ruleset you mention, but it sounds like simply using 'ok_locales en' would do if you can't decypher any charset but Western [1]. If you can, just add them to the list. See LANGUAGE OPTIONS in the docs. http://spamassassin.apache.org/full/3.2.x/doc/Mail_SpamAssassin_Conf.html guenther [1] Yes, that includes German Umlauts, Swedisch, French, etc. See my recent postings about this the last 2 weeks. -- char *t=[EMAIL PROTECTED]; main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;il;i++){ i%8? c=1: (c=*++x); c128 (s+=h); if (!(h=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
RE: ok_locales (was: Re: some custom ruleset rule info please)
On Fri, 2008-02-29 at 14:42 -0800, Robert - elists wrote: What about this Chinese ruleset, anyone in the USA using it to help with occasional or massive incoming foreign spam? Is there any particular need for additional rules, or are you just fishing for fun? That's quite a jump from backhair... Anyway, do you speak or read Chinese? Japanese, Korean, any Cyrillic language or Thai? I haven't had a look at that particular custom ruleset you mention, but it sounds like simply using 'ok_locales en' would do if you can't decypher any charset but Western [1]. If you can, just add them to the list. See LANGUAGE OPTIONS in the docs. http://spamassassin.apache.org/full/3.2.x/doc/Mail_SpamAssassin_Conf.html guenther Yeah, I am fishing a little... mainly for people with experience with these rulesets to speak up as necessary It is a global world and we have different languages traversing our systems. You mentioned some of them... Bottom line is we are looking for ideas for the short and long term future. We are away of the language setting and are trying to get more well versed in the various integrations available. Some of those rulesets are current and work well in 3.2.4 etc Thank you - rh
RE: ok_locales (was: Re: some custom ruleset rule info please)
Yeah, I am fishing a little... mainly for people with experience with these rulesets to speak up as necessary It is a global world and we have different languages traversing our systems. You mentioned some of them... Which ones? The Western charset ones in the footnote, or the one with entirely different charsets and symbols? If you *do* expect legit mail entirely written in Chinese, ok_locales clearly is not a good way to handle Chinese spam, right. guenther -- char *t=[EMAIL PROTECTED]; main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;il;i++){ i%8? c=1: (c=*++x); c128 (s+=h); if (!(h=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}