Hi there
We have some Chinese users complaining about spam, and looking around it
seems there aren't any up-to-date Chinese-specific rules?
The ccert.edu.cn rules looked great (ie thought through - I can't tell
speak for their effectiveness), but they haven't been updated since 2006
Anyone know
On 14/03/12 02:36, Alex wrote:
Hi,
http://pastebin.com/raw.php?i=iquXBnH0
While I could create a rule to block this specific domain, or submit
it to a RBL, I'd appreciate any ideas how to more generally block
them, rather than by one characteristic in the message.
We need more examples.
On 14/03/12 03:09, David B Funk wrote:
On Tue, 13 Mar 2012, Alex wrote:
Hi,
http://pastebin.com/raw.php?i=iquXBnH0
While I could create a rule to block this specific domain, or submit
it to a RBL, I'd appreciate any ideas how to more generally block
them, rather than by one characteristic
On 14/03/12 03:09, David B Funk wrote:
On Tue, 13 Mar 2012, Alex wrote:
Hi,
http://pastebin.com/raw.php?i=iquXBnH0
While I could create a rule to block this specific domain, or submit
it to a RBL, I'd appreciate any ideas how to more generally block
them, rather than by one characteristic
Quite a bit has been said under Better phish detection
Just put up an autocreated little rule file based the few dozen phises
in my corpus.
http://sourceforge.net/projects/sare/
If enough ppl contribute with samples, it could be created regularly.
Anybody interested in sharing not
Hi,
Note that URL, yet another p0ned WordPress website (the
/wp-content/plugins/ stuff). Now you get a hint of why I hate
install-and-forget websites.
When ever I run into p0ned websites their domain name goes into my
private URIBL list. They don't get spam past me again.
Here's a rule to
On 15/03/12 00:39, Alex wrote:
One clue: X-Originating-IP: [41.189.207.189]
Check the various RBL hits on that address. ;)
Are there existing plugins for this?
Is there a way to check a range to see if it's part of a known
blacklisted botnet?
Or if you don't expect to receive email from
On Wed, 14 Mar 2012, Alex wrote:
I actually created a bunch of those already, and would appreciate if
someone would check my work:
uri LOC_WP
On Wed, 14 Mar 2012, David B Funk wrote:
One clue: X-Originating-IP: [41.189.207.189]
Check the various RBL hits on that address. ;)
Are there existing plugins for this?
Is there a way to check a range to see if it's part of a known
blacklisted botnet?
The cbl.abuseat.org RBL explicitly