On Tue, 8 Feb 2022, Loren Wilton wrote:
Are you talking about the use of m'' as the regex delimiter?
Yes.
It will probably work just fine for the foreseeable future, as long as the
input validation of rules files is lenient.
I think you may have a very hard time removing the m matching
Are you talking about the use of m'' as the regex delimiter?
Yes.
It will probably work just fine for the foreseeable future, as long as the
input validation of rules files is lenient.
I think you may have a very hard time removing the m matching
delimiters from SA. I suspect there are at
On 2022-02-08 at 13:14:06 UTC-0500 (Tue, 8 Feb 2022 13:14:06 -0500)
Kris Deugau
is rumored to have said:
[...]
> Are you talking about the use of m'' as the regex delimiter?
Yes.
It will probably work just fine for the foreseeable future, as long as the
input validation of rules files is
Bill Cole wrote:
On 2022-02-08 at 04:28:16 UTC-0500 (Tue, 8 Feb 2022 01:28:16 -0800)
Loren Wilton
is rumored to have said:
No, I added that after observing multiple spams with random garbage after the
closing HTML tag in the HTML body part. Presumably it was an attempt at Bayes
poison,
On 2022-02-08 at 04:28:16 UTC-0500 (Tue, 8 Feb 2022 01:28:16 -0800)
Loren Wilton
is rumored to have said:
>> No, I added that after observing multiple spams with random garbage after
>> the closing HTML tag in the HTML body part. Presumably it was an attempt at
>> Bayes poison, checksum
Frido Otten wrote:
Hi All,
Recently we're seeing more spam passing our spamfilters using text
obfuscating in the FROM header. The problem mainly targets users which
are using mail clients like iPhone Mail which are only displaying the
display name of the FROM header and not the actual email
On 2022-02-07 at 13:43:31 UTC-0500 (Mon, 07 Feb 2022 13:43:31 -0500)
Chad
is rumored to have said:
> I have been getting numerous emails lately from various gmail.com accounts.
>They are spam or phishing emails and today I got one that had a subject of
> RECEIPT 5454 and only a JPG image
John Hardin writes:
> On Mon, 7 Feb 2022, Greg Troxel wrote:
>
>> and then I got a reply back with the content he was trying to send etc.
>> But, it had:
>>
>> * 2.5 CONTENT_AFTER_HTML More content after HTML close tag
>>
>> but one was only text/plain and I could see nothing wrong.
I'd run "sh -x /etc/cron.daily/spamassassin"
to see what command in that file failed. I assume it is the sa-compile
command.
I got some more results.
Here are the steps I made:
1. Remove everything from /var/lib/spamassassin
2. Reinstall spamassassin package
3. Recreate
Hi All,
Recently we're seeing more spam passing our spamfilters using text
obfuscating in the FROM header. The problem mainly targets users which
are using mail clients like iPhone Mail which are only displaying the
display name of the FROM header and not the actual email address which
was
No, I added that after observing multiple spams with random garbage after
the closing HTML tag in the HTML body part. Presumably it was an attempt
at Bayes poison, checksum avoidance, or some other filter evasion
technique.
I'll tighten it up.
FWIW, here is the rule I use. It obviously
11 matches
Mail list logo
