On Tue, 2009-05-26 at 10:20 +0200, Matus UHLAR - fantomas wrote:
Well, first issue was only to compare file extension to provided mime type,
so it would hit .gif file of type image/jpeg
or do we need a FileType plugin?
Yes - comparing MIME image type to the file extension is already
On Tue, 2009-05-26 at 10:20 +0200, Matus UHLAR - fantomas wrote:
Well, first issue was only to compare file extension to provided mime type,
so it would hit .gif file of type image/jpeg
or do we need a FileType plugin?
On 26.05.09 11:23, Martin Gregorie wrote:
Yes - comparing MIME
Hi!
I just threw together a plugin that can check URLs for redirections, and
add whatever they redirect to to the message meta-data so that the true
destinations are checked by URIBLs etc.
It doesn't do this for all URLs in a message. I will only follow those
URLs it is specifically told to
Matus UHLAR - fantomas wrote:
You need to check the files contents to catch that, and the ImageInfo
plugin isn't meant to understand just any kind of content.
Well, first issue was only to compare file extension to provided mime type,
so it would hit .gif file of type image/jpeg
Ah. yes.
Thanks for your support everyone. In the last month my blacklist has
doubled in size and trapping a lot more spam bots. But still looking for
more spam so if any of you want to get a little less spam and help me
build my spam bot list then here's the instructions:
On Tue, 2009-05-26 at 17:49 +0200, Matus UHLAR - fantomas wrote:
On 26.05.09 11:23, Martin Gregorie wrote:
Yes - comparing MIME image type to the file extension is already
obsolete.
Are you sure? Have you made any measures that tell such comparision is
useless and has much of FPs?
I
I see this message coming out of my SA alot these days since upgrading to
3.2.5:
[23920] warn: netset: cannot include 127.0.0.0/8 as it has already been included
Where is this local net being 'included', and how can I suppress
the duplicate inclusion message?
Thanks,
linda
On Tue, 2009-05-26 at 11:55 -0700, Linda Walsh wrote:
I see this message coming out of my SA alot these days since upgrading to
3.2.5:
[23920] warn: netset: cannot include 127.0.0.0/8 as it has already been
included
Where is this local net being 'included', and how can I suppress
the
I see this message coming out of my SA alot these days
since upgrading to
3.2.5:
[23920] warn: netset: cannot include 127.0.0.0/8 as it
has already been included
Where is this local net being 'included', and how can I
suppress
the duplicate inclusion message?
Thanks,
linda
It
Jari Fredriksson wrote:
I see this message coming out of my SA alot these days
since upgrading to
3.2.5:
[23920] warn: netset: cannot include 127.0.0.0/8 as it
has already been included
Where is this local net being 'included', and how can I
suppress
the duplicate inclusion message?
Jari Fredriksson wrote:
I see this message coming out of my SA alot these days
since upgrading to
3.2.5:
[23920] warn: netset: cannot include 127.0.0.0/8 as it
has already been included
Where is this local net being 'included', and how can I
suppress
the duplicate inclusion message?
On Tue, May 26, 2009 20:55, Linda Walsh wrote:
Where is this local net being 'included', and how can I suppress
the duplicate inclusion message?
remove 127.0.0.0/8 in your config
--
http://localhost/ 100% uptime and 100% mirrored :)
On Tue, May 26, 2009 17:37, Jonas Eckerman wrote:
I just threw together a plugin that can check URLs for redirections, and
add whatever they redirect to to the message meta-data so that the true
destinations are checked by URIBLs etc.
http://wiki.apache.org/spamassassin/WebRedirectPlugin
Benny Pedersen wrote:
http://wiki.apache.org/spamassassin/WebRedirectPlugin
know this plugin ?
Yes. Though I hade forgotten it's name.
what is the diff in the testing ?
Reading the descriptions of the two plugins would have given you some
good hints. Reading the documentation (both have
On Tue, 2009-05-26 at 22:12 +0200, mouss wrote:
Karsten Bräckelmann a écrit :
Bug 6119 has been opened already. Please attach additional samples
there, rather than opening a new bug for every sample. Thanks!
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6119
I've attached
Linda,
I see this message coming out of my SA alot these days since upgrading to
3.2.5:
[23920] warn: netset: cannot include 127.0.0.0/8 as it has already been
included
Where is this local net being 'included', and how can I suppress
the duplicate inclusion message?
Jonas Eckerman wrote:
Hi!
I just threw together a plugin that can check URLs for redirections,
and add whatever they redirect to to the message meta-data so that the
true destinations are checked by URIBLs etc...
I'm giving this a go and it looks good. I do wonder how companies like
On Wed, 27 May 2009, Jason Haar wrote:
Why can't SURBL be expanded to support full URLs instead of just the
hostname? That way you could blacklist a.bad.domain as well as
xttx://tinyurl . com/redirect-to-bad-domain? Some form of BASE64
encoding would be needed of course, but why not?
I'd
John Hardin wrote:
Sounds like a somewhat reasonable proposal to me.
Oh? I assumed someone else had thought of it before, and I was just
ignorant of the reasons against ;-)
Better still, the tinyurl-esque services should vet the URLs people
submit against SURBL...
They actually do. When I
add enter www net org to fuzzyocr wordlist do catch more image spam here
url like http://www.random.net/ is very clear after ocrad the png image
and fuzzyocr also catch the wroung mime types
--
http://localhost/ 100% uptime and 100% mirrored :)
Jason Haar wrote:
Why can't SURBL be expanded to support
full URLs instead of just the hostname? That way you could blacklist
a.bad.domain as well as xttx://tinyurl . com/redirect-to-bad-domain?
Some form of BASE64 encoding would be needed of course, but why not?
Because spammers could easily
mouss wrote:
is there a way to generalize this to other MIME types? I mean a file
claiming to be a .pdf when it is a .wmv...?
On 26.05.09 02:40, Jonas Eckerman wrote:
You need to check the files contents to catch that, and the ImageInfo
plugin isn't meant to understand just any kind of
Dear list,
I'm trying to get short circuit working:
body LOCAL_SPAM_DEMONSTRATION_RULE /testrudy/
priority LOCAL_SPAM_DEMONSTRATION_RULE -1
score LOCAL_SPAM_DEMONSTRATION_RULE 5.5
describe LOCAL_SPAM_DEMONSTRATION_RULE This is a simple test rule
shortcircuit
btw guys, note that hit-frequencies can also produce rule-overlap reports using
the -o switch
--j.
On Tue, May 26, 2009 at 00:57, Mandy messaging.director...@gmail.com wrote:
On Fri, May 22, 2009 at 9:06 PM, Henrik K h...@hege.li wrote:
On Fri, May 22, 2009 at 09:28:55PM +0200, Karsten
Ok, I found it, the plugin was not loaded...
--
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Rudy Gevaert rudy.geva...@ugent.be tel:+32 9 264 4734
Directie ICT, afd. Infrastructuur Direction ICT, Infrastructure dept.
Groep Systemen
25 matches
Mail list logo