On Mon, 2 Apr 2018, Amir Caspi wrote:
many organizations -- especially government or other
large orgs -- also use firstname.middleinitial.lastname as their user
part.
So require a minimum length for the middle part:
header THREE_WORD_MONTY From =~ /(\w+) (\w{2,}) (\w+) <\1.\2.\3/
A meta
On Mar 31, 2018, at 4:52 AM, Pedro David Marco wrote:
>
> Amir, can you provide any pastebin sample, please?
I thought it was relatively self-explanatory, but I'm talking about names very
much like the ones that Rich Wales included in his recent email (subject: "Spam
On Apr 1, 2018, at 11:33 PM, Rich Wales wrote:
>
> I do realize some perfectly legitimate "From:" lines conform to this same
> pattern, and the only way to really tell the difference may be via AI or a
> real human brain.
Not just "some" legitimate mail... a LOT of legitimate
On Mon, 2 Apr 2018, Pedro David Marco wrote:
Yeah, just confirmed. A non-obfuscated URI in plain-text body part is
recognized and extracted for uri rules.
Thanks John... can you provide any pastebein sample please??...
It's trivially easy to add a URI to the text body part of any test
On 02/04/18 14:58, RW wrote:
On Mon, 2 Apr 2018 08:26:27 -0500
David Jones wrote:
On 04/02/2018 07:18 AM, Sebastian Arcus wrote:
Thank you - one example here: https://pastebin.com/UGStfCys
It found "xon, OX" in "Aylesbury Road, Thame, Oxon, OX9 3AT"
It's an aggressive rule that finds
On 02/04/18 14:26, David Jones wrote:
On 04/02/2018 07:18 AM, Sebastian Arcus wrote:
Thank you - one example here: https://pastebin.com/UGStfCys
On 02/04/18 13:10, Kevin A. McGrail wrote:
Pastebin a sample(s).
On Mon, Apr 2, 2018, 08:06 Sebastian Arcus
On 02/04/18 13:35, Pedro David Marco wrote:
Sebastian,
can you run
spamassassin -D -t &1 | grep got | grep FUZZY_XPILL
and post the result, please?
Hi Pedro. Please find the output below:
Apr 2 15:45:59.961 [6928] dbg: rules: ran body rule FUZZY_XPILL ==>
got hit: "xon, OX"
On Mon, 2 Apr 2018 08:26:27 -0500
David Jones wrote:
> On 04/02/2018 07:18 AM, Sebastian Arcus wrote:
> > Thank you - one example here: https://pastebin.com/UGStfCys
It found "xon, OX" in "Aylesbury Road, Thame, Oxon, OX9 3AT"
It's an aggressive rule that finds anything that might be an
On 04/02/2018 07:18 AM, Sebastian Arcus wrote:
Thank you - one example here: https://pastebin.com/UGStfCys
On 02/04/18 13:10, Kevin A. McGrail wrote:
Pastebin a sample(s).
On Mon, Apr 2, 2018, 08:06 Sebastian Arcus > wrote:
I have a
Sebastian,
can you run
spamassassin -D -t &1 | grep got | grep FUZZY_XPILL
and post the result, please?
PedroD
On 01.04.18 18:26, Michael Brunnbauer wrote:
I'd like to start to improve things by getting DNS blacklist in Spamassassin
to work again. I think it would improve things drastically. So let's look at
my problem again: running my example spam through spamassassin gets it
marked as spam while using
Thank you - one example here: https://pastebin.com/UGStfCys
On 02/04/18 13:10, Kevin A. McGrail wrote:
Pastebin a sample(s).
On Mon, Apr 2, 2018, 08:06 Sebastian Arcus > wrote:
I have a client which handles a lot of hotel bookings as
Pastebin a sample(s).
On Mon, Apr 2, 2018, 08:06 Sebastian Arcus wrote:
> I have a client which handles a lot of hotel bookings as part of their
> work - and all hotel booking confirmations coming from Travelodge (a UK
> hotel chain) hit FUZZY_XPILL.
>
> I've tried looking
I have a client which handles a lot of hotel bookings as part of their
work - and all hotel booking confirmations coming from Travelodge (a UK
hotel chain) hit FUZZY_XPILL.
I've tried looking at the regex of the rule, but can't quite get my head
around what it is supposed to do, and can't
Hello Bill,
On Mon, Apr 02, 2018 at 02:33:08AM -0400, Bill Cole wrote:
> So I guess I was right?
I don't think so.
> Is there a tree of Perl modules under /root?
No. I actually just reproduced the problem with a completely empty /root:
cd /
mkdir root1
chmod go= root1
mv root root.old ; mv
>Yeah, just confirmed. A non-obfuscated URI in plain-text body part is
>recognized and extracted for uri rules.
Thanks John... can you provide any pastebein sample please??...
PedroD
On 01/04/18 19:18, John Hardin wrote:
On Sun, 1 Apr 2018, John Hardin wrote:
On Sun, 1 Apr 2018, Matus UHLAR - fantomas wrote:
On 01.04.18 05:47, Pedro David Marco wrote:
This is a problem i see oftenly...
what if the URL is only in the TEXT part and not in the HTML? many
email
On 2 Apr 2018, at 1:33 (-0400), Rich Wales wrote:
[I tried asking this question a couple of days ago, but I've seen no
signs that it made it out to the list -- possibly because the sample
e-mail addresses I included in my question might have caused it to be
flagged as spam. So here goes again,
On 1 Apr 2018, at 21:09 (-0400), Michael Brunnbauer wrote:
[...]
Figuring out what spamd is using is less simple (and system-specific)
but
since you've been maintaining a system by hand for a long time I
expect
you'll be able to figure out how to do so safely.
This does not sound very
19 matches
Mail list logo