This one works like magic .. Also on the new variant which seems to have been
released this weekend.
body L_DRUGS11 /([CVAXP] ){5}/
header L_DRUGS12 MESSAGEID =~
/^[EMAIL PROTECTED]/
meta L_DRUGS1 L_DRUGS11 L_DRUGS12
score L_DRUGS1 5
describe L_DRUGS1 Strange Message-ID and Spam signature in
I only got my hands on 3 of those, and they all have a very similar
Message-IDs
Message-ID: [EMAIL PROTECTED]
Message-ID: [EMAIL PROTECTED]
Message-ID: [EMAIL PROTECTED]
I have put the following on 2 of our SA servers, thanks for your
contribution:
bodyL_DRUGS11 /([CVAXP] ){5}/
I´m just wondering if I could reduce the memory usage with some config
change.
I´m using SpamAssassin 3.0.4 with ´spamd´ / spamc and each process uses about
20 MB + 14MB shared
Also, the load on the machine is usually 30-60% and I can't seem to pinpoint
where that is coming from.
It doesn't
Is here an easy way to exclude domains from eval:check_rbl_sub checks ?
It appears that hotmail.com hits DNS_FROM_RFC_ABUSE Because of political
reasons.
(Or at least reasons I don´t completely agree with)
See: http://www.rfc-ignorant.org/tools/lookup.php?domain=hotmail.com
Is there any way to
Can anyone explain to me what the URIBL_SBL rule does (I.e. which list Is
used)
I have an email that this rule catches because of a email address inside it.
The SpamAssassin report lists it as :
0.6 URIBL_SBL Contains an URL listed in the SBL blocklist
[URIs: gov.ru]
But no