Title: RE: So, when do we start handling [dot] in a URI
> -Original Message-
> From: Dallas L. Engelken
> This cycle will never stop until people stop pumping money into porn,
Hey now!!! Lets not get crazy!! :)
--Chris
Rick Measham wrote on Sat, 13 May 2006 12:38:16 +1000:
> Why bother with the lookup? Any mail that has something that looks
> enough like an obfuscated URL that we'd want to look it up should ring
> alarm bells that we don't need to look it up ..
You *can* do that. But that's a different matter
Bart Schaefer wrote on Fri, 12 May 2006 15:53:43 -0700:
> (1) Website maintainer uses technique X to obsure addresses on his site.
This has nothing to do with the topic. It's only that you think it is the
same. It is not, it's completely unrelated.
> (2) Spammer notices that his harvester fail
On 5/12/06, jdow <[EMAIL PROTECTED]> wrote:
<< jdow >> And you propose we do what instead?
Look for other characteristics of the messages that could be filtered.
I haven't seen any of these spams, so I don' t know what those might
be, but this can hardly be the *only* thing the spammer is doin
Theo Van Dinter wrote:
However, I don't really think we need to have SA doing this. IMO, if
spammers have to resort to obfuscating their domains in such a way that
people need to actively copy/paste/edit/copy/paste to get to their site...
If that's the theory, then why bother with SA at all? S
Kai Schaetzl wrote:
What's there to "invent"? The point is that these need to be identified as
URI. So, convert to URI and then lookup in SURBL.
Why bother with the lookup? Any mail that has something that looks
enough like an obfuscated URL that we'd want to look it up should ring
alarm bell
> -Original Message-
> From: Bart Schaefer [mailto:[EMAIL PROTECTED]
> Sent: Friday, May 12, 2006 5:54 PM
> To: users@spamassassin.apache.org
> Subject: Re: So, when do we start handling [dot] in a URI
>
> On 5/12/06, Kai Schaetzl <[EMAIL PROTECTED]> wrote:
>
From: "John Rudd" <[EMAIL PROTECTED]>
On May 12, 2006, at 15:53, Bart Schaefer wrote:
On 5/12/06, Kai Schaetzl <[EMAIL PROTECTED]> wrote:
Bart Schaefer wrote on Fri, 12 May 2006 07:34:05 -0700:
> So now that the spammers are using our own defenses against us, you
> suggest that we should inv
On May 12, 2006, at 15:53, Bart Schaefer wrote:
On 5/12/06, Kai Schaetzl <[EMAIL PROTECTED]> wrote:
Bart Schaefer wrote on Fri, 12 May 2006 07:34:05 -0700:
> So now that the spammers are using our own defenses against us, you
> suggest that we should invent the technology to defeat those
def
From: "Bart Schaefer" <[EMAIL PROTECTED]>
On 5/12/06, Kai Schaetzl <[EMAIL PROTECTED]> wrote:
Bart Schaefer wrote on Fri, 12 May 2006 07:34:05 -0700:
> So now that the spammers are using our own defenses against us, you
> suggest that we should invent the technology to defeat those defenses?
W
On 5/12/06, Kai Schaetzl <[EMAIL PROTECTED]> wrote:
Bart Schaefer wrote on Fri, 12 May 2006 07:34:05 -0700:
> So now that the spammers are using our own defenses against us, you
> suggest that we should invent the technology to defeat those defenses?
What's there to "invent"? The point is that
Bart Schaefer wrote on Fri, 12 May 2006 07:34:05 -0700:
> So now that the spammers are using our own defenses against us, you
> suggest that we should invent the technology to defeat those defenses?
What's there to "invent"? The point is that these need to be identified as
URI. So, convert to U
Jo wrote on Fri, 12 May 2006 16:41:38 +0200:
> punt, puntje, bolleke, bolletje, point, Punkt, punto, punkto. With 6000
> languages worldwide that's a lot of possible variations...
Not really, since most of that spam is in English and they rely on "common
knowledge", e.g. that "[dot]" means ".".
On Fri, 12 May 2006 11:47:33 -0700, "jdow" <[EMAIL PROTECTED]> wrote:
>From: "Jo" <[EMAIL PROTECTED]>
>
>> Bret Miller wrote:
>>> Seems spammers have taken up to doing what many of us have in posting
>>> e-mail addresses, putting [dot] instead of the . in the URL and telling
>>> people to replace
From: "Jo" <[EMAIL PROTECTED]>
Bret Miller wrote:
Seems spammers have taken up to doing what many of us have in posting
e-mail addresses, putting [dot] instead of the . in the URL and telling
people to replace it like this:
Welcome!
[E]rectile
[D]ysfunction?
We can help! Our site: ochhorfand
> -Original Message-
> From: Theo Van Dinter [mailto:[EMAIL PROTECTED]
> Sent: Friday, May 12, 2006 10:17
> To: users@spamassassin.apache.org
> Subject: Re: So, when do we start handling [dot] in a URI
>
> On Fri, May 12, 2006 at 10:12:40AM -0500, Dallas L. Engelk
o: users@spamassassin.apache.org
> Subject: Re: So, when do we start handling [dot] in a URI
>
> On Fri, May 12, 2006 at 07:34:05AM -0700, Bart Schaefer wrote:
> > So now that the spammers are using our own defenses against us, you
> > suggest that we should invent the techno
On Fri, May 12, 2006 at 10:12:40AM -0500, Dallas L. Engelken wrote:
> well, i dont consider them FPs, because i'm not writing any rules around
> it. its just so get_uri_list() picks them up as uris, and checks them
> against rhsbls.
Except the reason you don't want to change $_ in that loop is b
> -Original Message-
> From: Theo Van Dinter [mailto:[EMAIL PROTECTED]
> Sent: Friday, May 12, 2006 10:08
> To: users@spamassassin.apache.org
> Subject: Re: So, when do we start handling [dot] in a URI
>
> On Fri, May 12, 2006 at 09:58:55AM -0500, Dallas L. Engelken
On Fri, May 12, 2006 at 09:58:55AM -0500, Dallas L. Engelken wrote:
> as a quick workaround (in PerMsgStatus.pm), i have been using this since
> mid-march when i started seeing the (dot) and [dot] munging. i realize
> the NOTE in M::SA::PMS says not to alter $_, but it was the fastest way
> to so
> -Original Message-
> From: Bret Miller [mailto:[EMAIL PROTECTED]
> Sent: Friday, May 12, 2006 08:59
> To: users@spamassassin.apache.org
> Subject: So, when do we start handling [dot] in a URI
>
> Seems spammers have taken up to doing what many of us have in
> posting e-mail addresses,
Friday 12 May 2006 16:38m Theo Van Dinter wrote:
> However, I don't really think we need to have SA doing this. IMO, if
> spammers have to resort to obfuscating their domains in such a way that
> people need to actively copy/paste/edit/copy/paste to get to their site...
They already ofuscate thei
Bret Miller wrote:
Seems spammers have taken up to doing what many of us have in posting
e-mail addresses, putting [dot] instead of the . in the URL and telling
people to replace it like this:
Welcome!
[E]rectile
[D]ysfunction?
We can help! Our site: ochhorfando[dot]com ;) Don't forget to repl
On Fri, May 12, 2006 at 07:34:05AM -0700, Bart Schaefer wrote:
> So now that the spammers are using our own defenses against us, you
> suggest that we should invent the technology to defeat those defenses?
> And *then* what happens?
I haven't tried it, but always thought that detecting the straigh
On 5/12/06, Bret Miller <[EMAIL PROTECTED]> wrote:
Seems spammers have taken up to doing what many of us have in posting
e-mail addresses, putting [dot] instead of the . in the URL and telling
people to replace it
Gosh, exactly what "regular" people have been doing on web sites and
in news/list
25 matches
Mail list logo
