[SAtalk] X-Rot version

2002-12-24 Thread Mike Loiterman
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I keep getting these blank emails with this common element in the header: X-Rot-Version: zvxr^nfpraqrapl(arg Could this ever be used for legitimate uses? Also - what sort of rule would be best to blacklist an email with this in the header? Shoul

Re: [SAtalk] X-Rot version

2002-12-24 Thread Duncan Findlay
On Tue, Dec 24, 2002 at 10:31:04PM -0600, Mike Loiterman wrote: > I keep getting these blank emails with this common element in the header: Wow... talk about ineffective spamming techniques. > X-Rot-Version: zvxr^nfpraqrapl(arg daf@green:~$ echo 'zvxr^nfpraqrapl(arg' | rot13 mike^ascendency(net

Re: [SAtalk] X-Rot version

2002-12-25 Thread Tony L. Svanstrom
On Tue, 24 Dec 2002 the voices made Mike Loiterman write: ML> X-Rot-Version: zvxr^nfpraqrapl(arg ML> ML> Could this ever be used for legitimate uses? Also - what sort of rule ML> would be best to blacklist an email with this in the header? Should it ML> just be points or should it be blacklisted

RE: [SAtalk] X-Rot version

2002-12-25 Thread Mike Loiterman
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wednesday, December 25, 2002 7:23 AM Tony L. Svanstrom wrote: > On Tue, 24 Dec 2002 the voices made Mike Loiterman write: > >> X-Rot-Version: zvxr^nfpraqrapl(arg >> >> Could this ever be used for legitimate uses? Al

Re: [SAtalk] X-Rot version

2002-12-25 Thread John Rudd
On Wednesday, Dec 25, 2002, at 05:22 US/Pacific, Tony L. Svanstrom wrote: On Tue, 24 Dec 2002 the voices made Mike Loiterman write: ML> X-Rot-Version: zvxr^nfpraqrapl(arg When this was discussed a lil while ago I think people agreed on this being used by spammers to track people Yeah, soun

RE: [SAtalk] X-Rot version

2002-12-25 Thread Tony L. Svanstrom
On Wed, 25 Dec 2002 the voices made Mike Loiterman write: ML> How would I block it at the MTA? I assume you're talking about Sendmail. ML> What about a concise rule for SA? I'm extremely poor with regexp and any ML> help would be greatly appreciated. Would this do it: ML> ML> ML> X-Rot: =~ /zvx

Re: [SAtalk] X-Rot version

2002-12-25 Thread Theo Van Dinter
On Wed, Dec 25, 2002 at 01:32:50PM -0600, Mike Loiterman wrote: > How would I block it at the MTA? I assume you're talking about > Sendmail. What about a concise rule for SA? I'm extremely poor with > regexp and any help would be greatly appreciated. Would this do it: Well, most MTAs allow for

RE: [SAtalk] X-Rot version

2002-12-25 Thread Mike Loiterman
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wednesday, December 25, 2002 1:54 PM Tony L. Svanstrom wrote: > On Wed, 25 Dec 2002 the voices made Mike Loiterman write: > >> How would I block it at the MTA? I assume you're talking about >> Sendmail. What about a

RE: [SAtalk] X-Rot version

2002-12-25 Thread Tony L. Svanstrom
On Wed, 25 Dec 2002 the voices made Mike Loiterman write: ML> Is there an advantage to using one or the other (procmail recipe vs SA ML> rule)? It seems odd to hard code such things into procmail, IMO. Seems ML> like SA rules are easier to implement, change or remove. For now, I'll use ML> this

Re: [SAtalk] X-Rot version

2002-12-25 Thread Theo Van Dinter
On Wed, Dec 25, 2002 at 11:27:06PM +0100, Tony L. Svanstrom wrote: > It depends on what you want to do; if you want to have hundreds of rules with > different scores, then SA is way superior, but if you've got a simple "hit this > one and die die die"-thing then why waste your servers time having

Re: [SAtalk] X-Rot version

2002-12-25 Thread Tony L. Svanstrom
On Wed, Dec 25, 2002 at 11:27:06PM +0100, Tony L. Svanstrom wrote: > It depends on what you want to do; if you want to have hundreds of rules with > different scores, then SA is way superior, but if you've got a simple "hit this > one and die die die"-thing then why waste your servers time having

RE: [SAtalk] X-Rot version

2002-12-25 Thread Mike Loiterman
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wednesday, December 25, 2002 4:46 PM Theo Van Dinter wrote: > On Wed, Dec 25, 2002 at 11:27:06PM +0100, Tony L. Svanstrom wrote: >> It depends on what you want to do; if you want to have hundreds of >> rules with diff

Re: [SAtalk] X-Rot version

2002-12-25 Thread Vivek Khera
> "TLS" == Tony L Svanstrom <[EMAIL PROTECTED]> writes: TLS> I want to add one thing: SA could actually be a weakness... TLS> As one rule among many this sure spamsign might not be enough to TLS> tag the e-mail as spam, and even if it is you'll just end up with TLS> yet another e-mail you ha

RE: [SAtalk] X-Rot version

2002-12-25 Thread Mike Loiterman
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wednesday, December 25, 2002 4:46 PM Theo Van Dinter wrote: > On Wed, Dec 25, 2002 at 11:27:06PM +0100, Tony L. Svanstrom wrote: >> It depends on what you want to do; if you want to have hundreds of >> rules with diff

RE: [SAtalk] X-Rot version

2002-12-25 Thread Mike Loiterman
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wednesday, December 25, 2002 4:46 PM Theo Van Dinter wrote: > On Wed, Dec 25, 2002 at 11:27:06PM +0100, Tony L. Svanstrom wrote: >> It depends on what you want to do; if you want to have hundreds of >> rules with diff

Re: [SAtalk] X-Rot version

2002-12-26 Thread Tony L. Svanstrom
On Wed, 25 Dec 2002 the voices made Vivek Khera write: VK> > "TLS" == Tony L Svanstrom <[EMAIL PROTECTED]> writes: VK> VK> TLS> I want to add one thing: SA could actually be a weakness... VK> VK> TLS> As one rule among many this sure spamsign might not be enough to VK> TLS> tag the e-mail as

RE: [SAtalk] X-Rot version

2002-12-27 Thread Mike Loiterman
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wednesday, December 25, 2002 1:54 PM Tony L. Svanstrom wrote: > On Wed, 25 Dec 2002 the voices made Mike Loiterman write: > >> How would I block it at the MTA? I assume you're talking about Sendmail. >> What about a

RE: [SAtalk] X-Rot version

2002-12-27 Thread Mike Loiterman
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wednesday, December 25, 2002 1:54 PM Tony L. Svanstrom wrote: > On Wed, 25 Dec 2002 the voices made Mike Loiterman write: > >> How would I block it at the MTA? I assume you're talking about Sendmail. >> What about a

RE: [SAtalk] X-Rot version

2002-12-28 Thread Tony L. Svanstrom
On Fri, 27 Dec 2002 the voices made Mike Loiterman write: ML> On Wednesday, December 25, 2002 1:54 PM Tony L. Svanstrom wrote: ML> >> 0 ML> > * ^X-Rot-Version: ML> > { ML> > EXITCODE=77 ML> > :0 ML> > /dev/null ML> > } ML> Actually, one quick addendu

RE: [SAtalk] X-Rot version

2002-12-28 Thread Mike Loiterman
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Saturday, December 28, 2002 6:42 AM Tony L. Svanstrom wrote: >> Actually, one quick addendum. It successfully bounces the messages, but >> *I* get a bounce back to me saying that relaying was denied to their spam >> m

RE: [SAtalk] X-Rot version

2002-12-28 Thread Tony L. Svanstrom
On Sat, 28 Dec 2002 the voices made Mike Loiterman write: ML> I deleted the exit code for now, but I'm interested in fixing the ML> permission denied message so it doesn't bounce back. Would you have any ML> ideas about how to do this? I guess that's a question for the Procmail ML> mailing list,

Re: [SAtalk] X-Rot version

2002-12-28 Thread Jeremy Nixon
On Sat, Dec 28, 2002 at 02:18:09PM -0600, Mike Loiterman wrote: > Hrm...I'm wondering if sending the permission denied message is an > invitation for them to really lay it on me. In other words, they know > they've hit a valid address, but I'm refusing their crap. Maybe > they'll use my address

RE: [SAtalk] X-Rot version

2002-12-28 Thread Mike Loiterman
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Saturday, December 28, 2002 3:10 PM Tony L. Svanstrom wrote: > On Sat, 28 Dec 2002 the voices made Mike Loiterman write: > >> I deleted the exit code for now, but I'm interested in fixing the >> permission denied mess