Hi all,
fixed in 2.0.2_1.2.08
- some weights (RBL URIBL) where wrong calculated
- new regex Optimizer.pm module 1.05
changed:
- a single regex can be exluded from optimization by putting <<< in
front and >>> at the end of the line
- URIBL: if an URI is obfuscated and it is reported by a
If someone wants to detect all links that points to an executable file,
the following regex will do it:
<<<(?:(?i:[\=\%][46]8|\&\#(?:0?72|104)\;?|h)(?:\=(?:\015?\012|\015))?(?i:[\=\%][57]4|\&\#(?:0?84|116)\;?|t)(?:\=(?:\015?\012|\015))?|(?i:[\=\%][46]6|\&\#(?:0?70|102)\;?|f)(?:\=(?:\015?\012|\015
> I'm not clear on where your variant should be
placed.
Was already posted in the thrad.
>> Use the regex in 'bombDataRe'.
Thomas
Von:ad...@trekcom.net
An: ASSP development mailing list
Datum: 10.09.2010 18:57
Betreff:Re: [Assp-test] Antwort: Re: Blocking the new email vir
>Is there a way to not optimize only some lines instead of all?
Yes, put '<<<' in front and '>>>' at the end of the line (without the
quotes). There is a small issue in that feature, it only works, if it is
not the only line in file - sorry.
Thomas
Von:K Post
An: ASSP development
Thanks for your work. I'm not clear on where your variant should be
placed. Could you elaborate a little for us newbie's?
Thanks,
Roger
On 9/10/2010 10:00 AM, Thomas Eckardt wrote:
> This variant is more exact (and tested !),
>
> (?:(?i:[\=\%][46]8|\&\#(?:0?72|104)\;?|h)(?:\=(?:\015?\012|\01
Starting with 1.8.1.0 (0.0.18) the weighting in URIBL is done
differently:
URIBL Service Providers* (URIBLServiceProvider)
Domain Names of URIBLs to use separated by "|". You may set for every
provider a weight like multi.surbl.org=>50|black.uribl.com=>25.
The value of the weight can be set dire
Hi Thomas
I see this is now coming up
Error: Worker_1: read timeout at
/usr/local/lib/perl5/site_perl/5.10.1/LWP/Protocol/http.pm line 426. at
/usr/local/lib/perl5/site_perl/5.10.1/LWP/UserAgent.pm line 844.
Dale
- Original Message -
From: "Thomas Eckardt"
To: "Dale" ; "ASSP
THANK YOU THOMAS, not just for the regex but for the clear explanation!
I didn't mean to imply that ASSP was a problem or anything, just that with
email brings line breaks, hex and dec encoding, etc...
The a-d-n-o-r command that you wrote about goes in the config file? That
disables optimization
This variant is more exact (and tested !),
(?:(?i:[\=\%][46]8|\&\#(?:0?72|104)\;?|h)(?:\=(?:\015?\012|\015))?(?i:[\=\%][57]4|\&\#(?:0?84|116)\;?|t)(?:\=(?:\015?\012|\015))?|(?i:[\=\%][46]6|\&\#(?:0?70|102)\;?|f)(?:\=(?:\015?\012|\015))?)(?i:[\=\%][57]4|\&\#(?:0?84|116)\;?|t)(?:\=(?:\015?\012|\015)
Hi Thomas
Just to confirm, in file:files/bombdatare.txt I add in one line,
(?:(?i:[\=\%][46]8|\&\#(?:0?72|104)\;?|h)(?i:[\=\%][57]4|\&\#(?:0?84|116)\;?|t)|(?i:[\=\%][46]6|\&\#(?:0?70|102)\;?|f))(?i:[\=\%][57]4|\&\#(?:0?84|116)\;?|t)(?i:[\=\%][57]0|\&\#(?:0?80|112)\;?|p)(?i:[\=\%][57]3|\&\#(?:0?83
To detect very bad URL's, I recommend to use 'a bit more' extended
regexes.
(?:(?i:[\=\%][46]8|\&\#(?:0?72|104)\;?|h)(?i:[\=\%][57]4|\&\#(?:0?84|116)\;?|t)|(?i:[\=\%][46]6|\&\#(?:0?70|102)\;?|f))(?i:[\=\%][57]4|\&\#(?:0?84|116)\;?|t)(?i:[\=\%][57]0|\&\#(?:0?80|112)\;?|p)(?i:[\=\%][57]3|\&\#(?:0?8
11 matches
Mail list logo
