[SAtalk] Image-ONLY e-mails not filtered?

FYI -- I'm noticing SPAMs which contain ONLY an image are not being filtered at all. Specifically, the HTML message only contains simple open/close BODY and HTML tags with just the IMG SRC tag in the middle - which in turn loads a spam-related promotion from somewhere... I was assuming this type of

[SAtalk] [RD] antidrug 0.2 available

Fixes a few minor issues: 1) corrected spelling of sildenafil citrate. 2) added vigara to the v-word mis-spelling list 3) added optional leading and trailing gap-characters to the gapped versions of rules. 4) added some gapped and obfu versions of Cilais 5) added some commentary --

Re: [SAtalk] Acronym Update

> --On Friday, January 16, 2004 12:13:21 -0600 Carl Chipman > <[EMAIL PROTECTED]> wrote: > > > For the new people on the list, I was wondering what the following > > acronyms mean: > > > > LART > Luser Attitiude Readjustment Tool > Reporting the offending user to <[EMAIL PROTECTED]> > > UBE/UCE > U

Re: [SAtalk] [OT] New Virus psychology?

At 01:27 PM 1/16/2004, Charles Gregory wrote: I received an e-mail with an attachment NAMED: "www.boards4all.com". Of course, '.com' files are similar to '.exe' files and so what *looks* like a web address actually ends up being an executable. Similarly, I've seen things like www.paypal.com.scr. W

Re: [SAtalk] Load Balancing: Was Bayes NFS safe?

That's just it, one person says run them all on the same machine, you say keep'm separate.. I'm more incline to keep's separate for simplicity sake... Who the heck knows.. Thanks, Billy - Original Message - From: "Scott Lambert" <[EMAIL PROTECTED]> To: "Billy Huddleston" <[EMAIL PROTE

Re: [SAtalk] spamassassin on Gateway server (MX)

On Fri, 16 Jan 2004, Ross Vandegrift wrote: > On Thu, Jan 15, 2004 at 02:20:16AM -0600, David B Funk wrote: > > If you SMTP reject the spam, it never hits your queue, so no problem > > with the garbage piling up and no bombarding poor innocent 'joe-job' > > victims. It's better than auto-deleting

Re: [SAtalk] RBL Check and logfile question

At 04:26 PM 1/16/2004, David Roback wrote: spamd[28929]: debug: RBL: success for 1 of 1 queries There is a line for a RBL query, but shouldn't the RBL tests shop up in the "tests line" in the debug log? If RBL is not running site wide, any ideas why? The thing that strikes me most about that li

Re: [SAtalk] goodbye

On Fri, Jan 16, 2004 at 10:50:58PM +0100, pacho baratta carved this out of pure phosphors: > Uhm, see you around, i guess? -- panic("Detected a card I can't drive - whoops\n"); 2.2.16 /usr/src/linux/drivers/net/daynaport.c --- The S

[SAtalk] goodbye

Title: goodbye

[SAtalk] RBL Check and logfile question

Hi, We have just implemented SA in a site wide configuration. In debug mode, I am not seeing any RBL checks in the list of tests, but when I run spamc on the same message they show up just fine. The final scores also do not match. Here are parts of the log files. debug: running raw-body-tex

[SAtalk] [OT] New Virus psychology?

Not strictly speaking 'spam', but one heck of a psychological trick for getting people to open attachments: I received an e-mail with an attachment NAMED: "www.boards4all.com". Of course, '.com' files are similar to '.exe' files and so what *looks* like a web address actually ends up being an exe

Re: [SAtalk] Spam Collecting

Gary Funck wrote: It is a pain, esp. on a big mailbox, and you need large sample, of say, 2000/so each of ham and spam to train the Bayes engine. What I did is fired up 'mutt', and used its 'tag' capabilities to tag the spam that I wanted to extract and deposit into my spam sample. It is impor

Re: [SAtalk] [OT and long] Port Blocking (was: Spamwriter).

On Fri, 16 Jan 2004, Pedro Sam wrote: > Here's another analogy, I leave my legally owned and licensed firearm > in plain view in the fore mentioned car. Robbers then proceed to > steal my big ass gun and rob a bank ... well, you see where this is > headed. I can see where you are trying to FORCE

Re: [SAtalk] Acronym Update

On Friday, January 16, 2004 @ 10:13:21 AM [-0700], Carl Chipman wrote: > LART Linux Advanced Radio Terminal > UBE/UCE Upper Body Excerciser/Unforeseen Circumstances Excepted acronymfinder.com :) -- Matt --- The SF.

Re: [SAtalk] [OT] Acronym Update

Evan Platt wrote: > Probably not in the SpamAssassin FAQ, however a yahoo search of "What is a > LART" comes up with a good link: > > I like much better ;-) SCNR posting this one...

RE: [SAtalk] Acronym Update

Thanks all for the acronyms, and the links to hackers jargon etc... I didn't think to check there and just assumed that the terms were SA specific terminology. Back to the normal conversations. Carl Chipman Nomadics, Inc. [EMAIL PROTECTED] http://www.nomadics.com -Original Message- Fro

Re: [SAtalk] Acronym Update

--On Friday, January 16, 2004 12:13 PM -0600 Carl Chipman <[EMAIL PROTECTED]> wrote: > LART > UBE/UCE Try http://www.jargon.org/ for LART. (It's a wonderful and fun site, hence I won't spoil it for you.) UBE/UCE is unsolicited bulk/commercial email. --

[SAtalk] Re: unsubscribed

On Fri, 2004-01-16 at 11:52, Evan Platt wrote: > "unsubscribed"? > > No, you're not (yet). > > What is it? In the past week, the ratio of 'unsubscribe' messages to normal > traffic has been like 1:1. Hmm... When last I examined mailing list managers, there were some that were excellent at handli

Re: [SAtalk] Acronym Update

At 01:13 PM 1/16/2004, Carl Chipman wrote: For the new people on the list, I was wondering what the following acronyms mean: LART Luser Attitude Readjustment Tool. See http://www.catb.org/~esr/jargon/html/L/LART.html UBE/UCE Unsolicited Bulk Email / Unsolicited Commercial Email. -

[SAtalk] Trouble with whitelist_from_rcvd cont.

Hello Spam Neutralizers! I now understand that there is a bug in SpamAssassin Re: trusted_hosts and whitelist_from_rcvd. The buggy behavior of checking only whitelist_from_rcvd if the ip is not in trusted_hosts means that whitelist_from_rcvd [EMAIL PROTECTED] mailhost.company.com means that m

Re: [SAtalk] spamassassin on Gateway server (MX)

On Fri, 16 Jan 2004, Ross Vandegrift wrote: > On Thu, Jan 15, 2004 at 02:20:16AM -0600, David B Funk wrote: > > If you SMTP reject the spam, it never hits your queue, so no problem > > with the garbage piling up and no bombarding poor innocent 'joe-job' > > victims. It's better than auto-deleting

Re: [SAtalk] Acronym Update

--On Friday, January 16, 2004 12:13:21 -0600 Carl Chipman <[EMAIL PROTECTED]> wrote: For the new people on the list, I was wondering what the following acronyms mean: LART Luser Attitiude Readjustment Tool Reporting the offending user to <[EMAIL PROTECTED]> UBE/UCE Unsolicited Bulk Email/Unsoli

Re: [SAtalk] Acronym Update

Op vrijdag 16 januari 2004 19:13, schreef Carl Chipman: > For the new people on the list, I was wondering what the following acronyms > mean: > > LART Luser Attitude Re-adjustment Tool > UBE/UCE Unsollicited Bulk Email/Unsollicited Commercial Email (aka SPAM) > Are the acronoyms in the FAQ? Th

RE: [SAtalk] Problems running begevil and tripwire together

> -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On > Behalf Of Scott Harris > Sent: Friday, January 16, 2004 9:59 AM > To: [EMAIL PROTECTED]; 'Chris Santerre' > Subject: RE: [SAtalk] Problems running begevil and tripwire together > > Thanks for the reply. I

Re: [SAtalk] Acronym Update

--On Friday, January 16, 2004 12:13 PM -0600 Carl Chipman <[EMAIL PROTECTED]> wrote: > For the new people on the list, I was wondering what the following > acronyms mean: > > LART LART = Luser Attitude Readjustment Tool. It can be used as a noun (in which case it's something that hopefully

Re: [SAtalk] Acronym Update

Carl Chipman wrote: For the new people on the list, I was wondering what the following acronyms mean: LART UBE/UCE Are the acronoyms in the FAQ? Carl, Luser Attitude Readjustment Tool Unsolicited Bulk/Commercial Email Google is your friend, HAND, Scott -- Scott V. Blomquist,A-SA-CN-NRKTINL

[SAtalk] Acronym Update

For the new people on the list, I was wondering what the following acronyms mean: LART UBE/UCE Are the acronoyms in the FAQ? Carl Chipman Nomadics, Inc. [EMAIL PROTECTED] http://www.nomadics.com --- The SF.Net email is sponsored by Eclips

Re: [SAtalk] spamassassin on Gateway server (MX)

On Thu, Jan 15, 2004 at 02:20:16AM -0600, David B Funk wrote: > If you SMTP reject the spam, it never hits your queue, so no problem > with the garbage piling up and no bombarding poor innocent 'joe-job' > victims. It's better than auto-deleting spam, as a legit message > that is accidentally mis-i

Re: [SAtalk] [RD] Anti-drug.cf now available

Due to the LARGE number of emails coming in citing the same suggestion, I'll publicly explain one of the rules. I very much on purpose did not use "." for __DRUGS_MALEDYSFUNCTION7 and __DRUGS_MALEDYSFUNCTION8. I very purposefully match \W in one, and _ in the other. Between the two it will mat

RE: [SAtalk] Problems running begevil and tripwire together

Thanks for the reply. It is *extremely* weird. I had already done the test you suggested, but just to CYA I did it again. This morning I ran each for an hour by itself with no problem. About 10 minutes ago I then restarted with both loaded and the first message that came through immediately ga

Re: [SAtalk] [RD] Anti-drug.cf now available

At 07:55 AM 1/16/2004, Matt Kettler wrote: Due to the fun of online pharmacies, I've made this ruleset in my spare time. http://mywebpages.comcast.net/mkettler/sa/antidrug.cf Well, here's one suggestion: You're probably safe changing __DRUGS_MALEDYSFUNCTION8 to use "." as the separator, so th

RE: [SAtalk] Korean Spam

Let me preface this by saying that this may not work for everyone, but here are the rules I use on my server to dump Korean spam, because we were getting 50-60 a day at one time. header CHECK_KOREAN1Content-type =~ /ks_c_5601-1987/i describe CHECK_KOREAN1 Content-type contains

[SAtalk] Re: Spam Collecting

On Fri, 16 Jan 2004 08:51:34 -0800, cube <[EMAIL PROTECTED]> writes: > Does anyone have a good way of collecting ham for the bayesian > filters. I can collect spam quite easily, but mixed in with my ham > is all kinds of spam. (There is a buttload of spam with less hits > than 1.) I manually cl

RE: [SAtalk] FP on MY_HTTP_ODD_PORT

On Thu, 2004-01-15 at 16:17, Alan Munday wrote: > Matt/Theo > > Yes it did come from the "other" wiki. > > This raises the question of how can we learners tell what is no longer valid > from the custom rule sets? > > Also are there any established processes for managing them? > It's a wiki. Yo

[SAtalk] Re: Korean Spam

On Fri, 16 Jan 2004 16:42:03 +0100, jean-christophe valiere <[EMAIL PROTECTED]> writes: > Hi, > > Does somebody recieve korean spam or more generally asian spam. > One of my customer recieve about 60 asian spam per day and around > 10 of them are nor stopped by spamassassi

RE: [SAtalk] Forged mail pretending to be from MS Outlook

On Mon, 2004-01-12 at 15:50, Mitch (WebCob) wrote: > I keep saying this and no one does... (not sure if it's you, or if > there are a lot of people sending the same question) - MORE > INFORMATION is needed. > > 0) READ THE ACHIVES > 1) SEND THE HEADERS > 2) FILE A BUG REPORT > You can also ref

Re: [SAtalk] Load Balancing: Was Bayes NFS safe?

So your saying run Qmail & spamc/spamd on the same machine.. on all the nodes.. and use my LVS director to direct the smtp traffic to each node as needed? Thanks, Billy - Original Message - From: "Andreas Stollar" <[EMAIL PROTECTED]> To: "Billy Huddleston" <[EMAIL PROTECTED]> Cc: <[EMAIL

RE: [SAtalk] Spam Collecting

> From: cube > Sent: Friday, January 16, 2004 8:52 AM > > Does anyone have a good way of collecting ham for the bayesian > filters. I > can collect spam quite easily, but mixed in with my ham is all > kinds of spam. > (There is a buttload of spam with less hits than 1.) > > I read everywhere t

[SAtalk] sa-learn trouble

Hi My SA seems to forget about already learned messages: sa-learn --spam spam*.eml Learned from 107 message(s) (217 message(s) examined). If I do it again on the exact same mail files: sa-learn --spam spam*.eml Learned from 107 message(s) (217 message(s) examined). What's gone wrong? thanks

Re: [SAtalk] sa-learn always learns only one message in a directory

Are you using the --mbox flag with sa-learn? Brad On Fri, 16 Jan 2004, Marcus Frischherz wrote: > Hi! > > I use SA 2.61, exim 4.24 and WU imapd, I use IMAP4 and keep my mails on the > server. The folders seem to be in the mbx format. When I run sa-learn on one of > them it, sa-learn is busy f

[SAtalk] Spam Collecting

Does anyone have a good way of collecting ham for the bayesian filters. I can collect spam quite easily, but mixed in with my ham is all kinds of spam. (There is a buttload of spam with less hits than 1.) I read everywhere that I should do this process manually to ensure the quality of ham; th

Re: [SAtalk] unsubscribed

"unsubscribed"? No, you're not (yet). What is it? In the past week, the ratio of 'unsubscribe' messages to normal traffic has been like 1:1. --On Saturday, January 17, 2004 12:11 AM +0800 Tony Cheng <[EMAIL PROTECTED]> wrote: > > > --- > Sincerely yours. > > E-Mail : [EMAIL PROTECTE

Re: [SAtalk] Tripwire breaking exim/spamd setup

How hard would it be to set an upper limit in SA when writing rule hits as headers? Zarjazz wrote: Well it had to happen, I've been recieving some spam that triggered LOTS of tripwire rules and overflowing the smtp daemon header buffer. Extracts from exim panic log below. 2004-01-16 13:17:08 1Ah

[SAtalk] sa-learn always learns only one message in a directory

Hi! I use SA 2.61, exim 4.24 and WU imapd, I use IMAP4 and keep my mails on the server. The folders seem to be in the mbx format. When I run sa-learn on one of them it, sa-learn is busy for a while. However, afterwards the number of ham or spammed it learnt, is only increased by one (as shown b

Re: [SAtalk] Above threshhold but not tagged

John Fleming wrote: > X-Spam-Status: No, hits=-4.9 required=2.4 tests=BIZ_TLD,DATE_IN_PAST_12_24, > HABEAS_SWE,HTML_50_60,HTML_MESSAGE,MIME_HTML_ONLY, > MIME_HTML_ONLY_MULTI,RCVD_IN_SORBS,WHY_WAIT autolearn=ham version=2.60 [snip] > Apparently autolearn is now turned ON, but it used to be OFF!

[SAtalk] unsubscribed

  ---Sincerely yours.   E-Mail : [EMAIL PROTECTED]    

Re: [SAtalk] Bayes NFS safe?

On Thu, 15 Jan 2004, Billy Huddleston wrote: > Are you all load balancing these? If so, are you doing it at the SMTP level > or using SPAMD ? I'm getting ready to implement a 2 node system with > qmail..and wondering if using a single SMTP machine calling spamc against a > cluster of SA machines

[SAtalk] OT: Counter-intelligence (Spy v Spy)

I've seen mention made of the fact that spammers frequent these lists, and many of the websites referenced as anti-spam resources. Are there any organized efforts to monitor sites and lists the spammers themselves frequent to try to anticipate the directions things may head in the near future to ai

[SAtalk] ICAP eval test

Has anyone thought about including the ability to connect to an ICAP proxy server as an eval rule to test urls against? If they fail then that is a pretty good spam indicator, and the overhead should not be too high I don't think. It might be a little difficult to set up, and most sites would n

Re: [SAtalk] Bayes NFS safe?

On Fri, Jan 16, 2004 at 10:44:04AM -0500, Damian Gerow wrote: > Thus spake Ed Walker ([EMAIL PROTECTED]) [15/01/04 20:04]: > > > > How's this holding up under heavy load with large clusters? How much > > overhead for either the SQL server or SA? > > Having not written the code, and not being in a

RE: [SAtalk] Tripwire breaking exim/spamd setup

This is some pretty good info. Can you trow something up on either wiki about exim users/lots of rules/long headers/and default buffer size? I'm sure others might start having this problem. good find! --Chris > -Original Message- > From: Zarjazz [mailto:[EMAIL PROTECTED] > Sent: Friday,

RE: [SAtalk] Another BigEvil FP

Dear Chris, Keep the heating up and get yourself warm again! I did not know that pandasoftware hired firms to 'advertise' their stuff, anyway I never received a Spam from them. Yours sincerely, Harrie Overdijk Harrie Overdijk, ECN, Postbox 1, 1755 ZG Petten (NH), The Netherlands

[SAtalk] [RD] Anti-drug.cf now available

Due to the fun of online pharmacies, I've made this ruleset in my spare time. http://mywebpages.comcast.net/mkettler/sa/antidrug.cf It's not perfect, and needs some cleanup and some more obfuscated variants added in. However some of the rather abusive pill-spammers of late have made me decide t

RE: [SAtalk] Another BigEvil FP

This was a very nice email that I got about this domain. Sorry I haven't replied yet. I'm still looking into it. I see both ham and spam when it comes to them. I think I'm going to move it into a new sham rule "W" and watch it VERY closely. They better have changed there UBE/UCE policy, or I will p

Re: [SAtalk] Bayes NFS safe?

Thus spake Ed Walker ([EMAIL PROTECTED]) [15/01/04 20:04]: > > We've got four.. And I'm going to insert yet another shameless plug > for the > > SQL rewrite for the Bayes code that's currently sitting in a bug > report. > > 'Tis definitely multi-host safe, and 'twould make my life easier... > > H

Re: [SAtalk] Books...

Osborne/McGraw-Hill is coming out with the Anti-Spam Toolkit in March 2004. It has several chapters devoted to SpamAssassin and various components. Thanks, Charlie > On Thu, Jan 15, 2004 at 11:25:25AM -0500, Matt Kettler wrote: >> >Hey does anyone know if there are any spamassassin books commin

[SAtalk] Korean Spam

Hi, Does somebody recieve korean spam or more generally asian spam. One of my customer recieve about 60 asian spam per day and around 10 of them are nor stopped by spamassassin. Is there any special .cf file or ?? Thx. -- Jean-Christophe VALIERE E

[SAtalk] Re: mPOP Web-Mail 2.19: ratware?

snowchyld wrote: > i've noticed very very very low hits on that as a ham, i'm currently > building my own rules (the first one being this mixed with that cable tv > thing (split by bad html or being a generic 'V-word' spam) > > my rules (as i build will be available here) > http://snowchyld.org/s

[SAtalk] Tripwire breaking exim/spamd setup

Well it had to happen, I've been recieving some spam that triggered LOTS of tripwire rules and overflowing the smtp daemon header buffer. Extracts from exim panic log below. 2004-01-16 13:17:08 1AhTqL-0001gb-Ax string_sprintf expansion was longer than 8192 2004-01-16 13:17:18 1AhTqa-0001jS-IR str

[SAtalk] [OT] Spam conference, I'm 0 for 2!

As you can see, I'm in my office now. I was halfway there! Its really a thrilling tail that starts with arctic temperatures, a faulty water pump or thermostat. Me in the cold with no heat for over an hour. My precious sports car on a flat bed with possible valve damage, and a HUGE tow bill because

Re: [SAtalk] Failed to parse

At 09:55 AM 1/16/2004, Michael H. Collins wrote: line in Spamassassin configuration, skipping: report_header 1 Failed to parse line in Spamassassin configuration, skipping: defang_mime 0 but it has been working for a couple of months through upgrades. And those lines look good in the local.cf

Re: [SAtalk] Another BigEvil FP

They also hire marketing firms (or do it themselves) to send UCE promoting their wares. I, myself have LART'd them 2 or three times. > It would be nice if this site would be removed from BigEvilList_130 or moved > to BigEvilList_X/Y/Z or whatever. > I can then remove pandasoftware.com from my wh

Re: [SAtalk] Tripwire breaking exim/spamd setup

Brook Humphrey wrote: > Zarjazz wrote: > >> Well it had to happen, I've been recieving some spam that triggered LOTS >> of tripwire rules and overflowing the smtp daemon header buffer. >> Extracts from exim panic log below. >> >> 2004-01-16 13:17:08 1AhTqL-0001gb-Ax string_sprintf expansion was l

Re: [SAtalk] adding rules changes Bayes?

On Fri, 16 Jan 2004, Matt Kettler wrote: > Hmm, does formail wind up generating a new set of message headers? It must modify them, because your suggestion (spamassassin -t < tmp) generates the same results as previously. Using the bounce function of Pine also generates new headers--I had notice

[SAtalk] Another BigEvil FP

Dear Chris Santerre, Thank you for your continuing effort to update bigevil.cf! I do have a remark on one of the sites mentioned in the uri BigEvilList_130. The site pandasoftware.com is an AntiVirus-site for the well known Panda Virusscanner. They also have distribution lists (to (un)subscribe) w

[SAtalk] Failed to parse

line in Spamassassin configuration, skipping: report_header 1 Failed to parse line in Spamassassin configuration, skipping: defang_mime 0 Errors when i run spamassassin --lint And if I run It resources go outa site and mail stops but it has been working for a couple of months through upgrades.

Re: [SAtalk] SpamAssassin Check

At 10:03 AM 1/16/04 +0530, Rahul Baweja wrote: Hi, How can i check if the Spam Assassin is working or not? send yourself a GTUBE: http://www.spamassassin.org/gtube/ --- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on

[SAtalk] Tripwire breaking exim/spamd setup

Well it had to happen, I've been recieving some spam that triggered LOTS of tripwire rules and overflowing the smtp daemon header buffer. Extracts from exim panic log below. 2004-01-16 13:17:08 1AhTqL-0001gb-Ax string_sprintf expansion was longer than 8192 2004-01-16 13:17:18 1AhTqa-0001jS-IR str

Re: [SAtalk] Creating rules for the following

At 09:03 AM 1/16/04 -0500, Segree, Gareth wrote: Text => Rule 1) Received: from [109.42.168.192] by 24.193.45.130 with HTTP => Received =~ /with HTTP/i That works.. 2) Subject: ?ISO-8859-1? => Subject =~ /(ISO-8859|iso-8859)/ (score = 3.0) Won't work.. that's a character encoding tag

[SAtalk] Creating rules for the following

Title: Creating rules for the following I have been trying to reduce the influx of spam to my company's mailserver but to no avail. I looked at the mail headers of several spam messages and I am seeing the following. Text => Rule     1) Received: from [109.42.168.192] by 24.193.45.1

Re: [SAtalk] adding rules changes Bayes?

At 07:56 AM 1/16/04 -0500, Theodore Heise wrote: cat tmp | formail -s sendmail theo Apparently this must process the mail differently than the normal receiving routine. If I use "bounce" in Pine, the Bayes results are approximately the same as before adding the new rules. I don't quite underst

Re: [SAtalk] adding rules changes Bayes?

On Thu, 15 Jan 2004, Theodore Heise wrote: > > first, run spamassassin --lint > > > > sounds like there's a typo in the rules you downloaded and SA is puking on > > your configfiles. > > Matt, thanks very much. There were several errors, I fixed them and > now it runs without complaints. Howev

[SAtalk] Re: The CAN-SPAM act....

Bart Schaefer wrote: > (Expect to see a lot more spam with the date set 30 days in the past.) Fortunately those kinds of tricks are easy to check against. In fact for that particular thing I think there is already a rule for it. So I can only hope that spammers send mail that way. It would be a

Re: [WL] Re: [SAtalk] [OT and long] Port Blocking (was: Spamwriter).

On January 15, 2004 01:15 pm, Charles Gregory wrote: > And if someone STEALS your car, the person who stole it is responsible, > even if you are unaware of the theft. With insurane being compulsory, in > some places the laws have been changed so that the owner's insurance > covers all damages regar

Re: [SAtalk] Trying to filter the blue pills beginning with V

Hi! (Re-post due to the last one being filtered!!!) I have been playing around with some rules for this and here are my results: body FB_VIA__GRA /[vV].?[iïîíìIÏÎÍÌl1\|[EMAIL PROTECTED]@]/i describe FB_VIA__GRA Via__gra with variations on the letters a and i score FB_VIA__GRA 2.0