://www.nabble.com/why-not-doing-a-test-that-checks-%22name%22-%3Cemail-address%3E-pairs-tf4288052.html#a12210954
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
other tests (e.g. BAYES_99, which already adds a pretty
high score).
--
View this message in context:
http://www.nabble.com/why-not-doing-a-test-that-checks-%22name%22-%3Cemail-address%3E-pairs-tf4288052.html#a12211144
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Aag_uk wrote on Sat, 18 Aug 2007 03:33:49 -0700 (PDT):
it´s quite unlikely that somebody tags any of
my users
as I said it may work for you, it will not work for the majority of SA
users. The whole effort and the FPs would not be worth it. If you don't
believe that, start coding.
Kai
--
account, that would look something like this:
realname_full = jayne cobb, hero of canton
realname_words = jayne, cobb, hero, canton
The generic real name match test would only trigger if the extracted real
name exactly (case in-sensitive) matched either jayne cobb or hero of
canton
Kai Schätzl wrote:
You don't understand at all. What gets put in the comment is up to the
sender.
They can put *everything* there and it's legit. You do not control it at all
and you do not send them a reply please change my name in your addressbook
to
xyz. It can be the name, a part
Hi,
I´m pretty new to SpamAssassin and maybe what I am saying is nonsense or
somebody else has suggested this, or the test already exists but I don´t
know how to configure it, anyway here is my question.
I´ve noticed that some spam messages not marked as spam by spamassassin (the
score
... The think is that
the email recepients (user1, user2, user3,...) are real, they exist in my
domain, but the names Peter, John, Mike have nothing to do with user1,
user2, user3, they are picked randomly. Wouldn´t be interesting to have a
test that checks the user name-email address pairs according to some
On Fri, 17 Aug 2007, aag_uk wrote:
These message are addressed to many people in my domain but the
names before the email address are random. To explain it more
clearly, for example, the recipient in the TO field is something
like this: John [EMAIL PROTECTED]. Very ofter the CC field
At 13:58 17-08-2007, Chris St. Pierre wrote:
That's an interesting idea, but it
a) is probably going to be quite resource-intensive;
Not really.
c) requires competent fuzzy matching so that, when a user sends mail
to Chris St. Pierre [EMAIL PROTECTED], it doesn't flag it
as spam because my
Hi,=20
I=C2=B4m pretty new to SpamAssassin and maybe what I am saying is nonsense =
or
somebody else has suggested this, or the test already exists but I don=C2=
=B4t
know how to configure it, anyway here is my question.
I=C2=B4ve noticed that some spam messages not marked as spam
I've been working on a new way to auto-generate body rules recently -- I
discussed it on my blog at http://taint.org/2007/03/05/134447a.html and
http://taint.org/2007/08/04/200125a.html . Anyway, the results are
checked into SVN trunk daily in the rulesrc/sandbox/jm/20_sought.cf
file.
We haven't
On 7/14/2007 3:49 PM, Eric A. Hall wrote:
Like other folks I've been getting hit with the PDF spam pretty hard. I
think the way to solve this and the image spam in general is to do a
plugin that does two things:
1) looks in the message to see if there is a binary attachment
2) looks in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Eric A. Hall schrieb:
Don't forget the ifplugin conditions:
ifplugin Mail::SpamAssassin::Plugin::MIMEHeader
mimeheader__L_C_TYPE_APP Content-Type =~ /^application/i
[..]
endif
- -- Matthias
-BEGIN PGP SIGNATURE-
Version:
?
Is there a way I can actually test the bayes data to be sure that it is
working properly? The bayes_seen table currently has 1,129,184 records
and is changing all the time, so SOMETHING is happening. For the most
part I have been using a mutt macro to learn spam/ham with sa-learn
--spam --single and --ham
SpamAssassin v3.2.3, Perl 5.8.8, Solaris 9
What would cause this error?
t/spamd_hup.ok 1/110# Failed test 5 in t/spamd_hup.t
at line 40
# t/spamd_hup.t line 40 is: ok (-e $pid_file) or warn $pid_file does
not exist post restart;
log/spamd.pid does not exist post
Hello,
I hope I'm doing this right. I'm trying to install an SA required
module, Net::DNS, and it fails one of the tests.
Running make test I see the following:
t/10-recurse...1..12
ok 1 - use Net::DNS::Resolver::Recurse;
ok 2 - The object isa Net::DNS::Resolver::Recurse
ok 3
Test.
Boardwalk for $500? In 2007? Ha! Play Monopoly Here and Now (it's updated for
today's economy) at Yahoo! Games.
http://get.games.yahoo.com/proddesc?gamekey=monopolyherenow
On Friday 27 July 2007 14:30:16 McDonald, Dan wrote:
On Fri, 2007-07-27 at 06:54 -0400, Chuck Payne wrote:
Hi,
I have five servers and it a bit of a pain to have to use webmin to
appy the same rules. What I like to do is create my own dictionary or
test file, so that I can just scp
is create my own dictionary or
test file, so that I can just scp it from the box that I have created
and test one.
If you know link that explain how to that would be really great.
just create a file with the extension .cf in the /etc/mail/spamassassin
directory.
Thanks
PS
Hi,
I have five servers and it a bit of a pain to have to use
webmin to appy the same rules. What I like to do is create my own
dictionary or test file, so that I can just scp it from the box that I
have created and test one.
If you know link that explain how
to that would be really great
Like other folks I've been getting hit with the PDF spam pretty hard. I
think the way to solve this and the image spam in general is to do a
plugin that does two things:
1) looks in the message to see if there is a binary attachment
2) looks in the AWL to see if the sender tuple is known
3)
Aren't spammer tuples in the AWL too? I thought that it averaged both ways;
Country AND Western.
Dan
-Original Message-
From: Eric A. Hall [mailto:[EMAIL PROTECTED]
Sent: Saturday, July 14, 2007 3:49 PM
To: users@spamassassin.apache.org
Subject: plugin to test attachments from unknown
At 12:49 14-07-2007, Eric A. Hall wrote:
Like other folks I've been getting hit with the PDF spam pretty hard. I
think the way to solve this and the image spam in general is to do a
plugin that does two things:
1) looks in the message to see if there is a binary attachment
2) looks in the
Jonathan Allen wrote:
Hi List,
So what's with 3.2.1 ? I'm running 3.1.8 and did the standard:
cpan Mail::SpamAssassin
Symptom of bug 5510 that affects 3.2.1:
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5510
Essentially, make test will always fail if run as root, which
/spamd_allow_user_rulesFAILED test 4
Failed 1/5 tests, 80.00% okay
t/spamd_plugin..FAILED tests 2, 4, 6
Failed 3/6 tests, 50.00% okay
Failed TestStat Wstat Total Fail List of Failed
, 55.56% okay
t/spamc_optLFAILED tests 1-16
Failed 16/16 tests, 0.00% okay
t/spamd_allow_user_rulesFAILED test 4
Failed 1/5 tests, 80.00% okay
t/spamd_plugin..FAILED tests 2, 4, 6
Failed 3/6 tests, 50.00% okay
Failed TestStat Wstat Total Fail List
We have a patch in development which fixes some platform-specific perl
setuid brokenness, but it needs testing on those 3 platforms with spamd.
The patch is at:
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5518#c18
and applies to SpamAssassin 3.2.1.
It should be possible to start a
I installed both patches and still get errors in some of the dnsbl
tests. Here is a possibly relevant section of t/log/d.dns/1 from a
system where the test succeeded:
[27718] dbg: check: running tests for priority: 500
[27718] dbg: async: select found 1 socks ready
[27718] dbg: uridnsbl
. [mailto:[EMAIL PROTECTED]
Sent: 13 June 2007 22:01
To: users@spamassassin.apache.org
Subject: make test dnsbl tests sporadically fail
When I run make test for v3.2.1, why do some of the dnsbl
tests sporadically fail? For instance
When I run make test for v3.2.1, why do some of the dnsbl tests
sporadically fail? For instance:
t/dnsbl.Not found: P_2 =
dns:134.88.73.210.dnsbltest.spamassassin.org [127.0.0.4]
# Failed test 1 in t/SATest.pm at line 635
Not found: P_7 =
dns:134.88.73.210
I recently saw this happening when testing. Is this stuff left over from some
older version, or something not installed?
What should I do with the undefined dependencies?
[29724] info: rules: meta test DIGEST_MULTIPLE has undefined
dependency 'DCC_CHECK'
[29724] info: rules: meta test
Martin Hochreiter wrote:
Daryl C. W. O'Shea schrieb:
---
trusted_networks 80.123.XXX.XXX
trusted_networks 80.122.XXX.XXX
internal_networks 192.168.1.0/24
internal_networks 192.168.2.0/24
internal_networks 127.0.0.1
---
I am using the SuSE rpm
Hi!
I am using spamassassin with amavis.
I sometimes get mails (Spam Mails) - not tagged with ***SPAM***
but tagged with the following header:
No, score=0 tagged_above=-999 required=1.7 tests=[none]
What does tests=[none] mean?
lg
Martin
Martin Hochreiter wrote:
Hi!
I am using spamassassin with amavis.
I sometimes get mails (Spam Mails) - not tagged with ***SPAM***
but tagged with the following header:
No, score=0 tagged_above=-999 required=1.7 tests=[none]
What does tests=[none] mean?
That's generated by amavis,
reports what it gets after calling SA.
The relevant code is in SpamAssassin/PerMsgStatus.pm, sub _get_tag:
TESTSSCORES = sub {
my $arg = (shift || ,);
my $line = '';
foreach my $test (sort @{$self-{test_names_hit}}) {
if (!$line) {
$line .= $test . = . $self
Actually the [none] comes directly from SpamAssassin, amavisd just
reports what it gets after calling SA.
The relevant code is in SpamAssassin/PerMsgStatus.pm, sub _get_tag:
TESTSSCORES = sub {
my $arg = (shift || ,);
my $line = '';
foreach my $test (sort @{$self
directly from SpamAssassin, amavisd just
reports what it gets after calling SA.
The relevant code is in SpamAssassin/PerMsgStatus.pm, sub _get_tag:
TESTSSCORES = sub {
my $arg = (shift || ,);
my $line = '';
foreach my $test (sort @{$self-{test_names_hit}}) {
if (!$line
Some messages here get tests=none. The two conditions I've found here
are 1) like Matt already mentioned, a timeout in communication using
spamc, or 2) the message was received totally within our network
(trusted/internal).
Perhaps maybe you don't have the trusted/internal networks set up
Martin Hochreiter wrote:
Some messages here get tests=none. The two conditions I've found here
are 1) like Matt already mentioned, a timeout in communication using
spamc, or 2) the message was received totally within our network
(trusted/internal).
Perhaps maybe you don't have the
Daryl C. W. O'Shea wrote:
I get now hints from the logfiles concerning a timeout,
my trusted/internal networks in local.cf are set as follwing
---
trusted_networks 80.123.XXX.XXX
trusted_networks 80.122.XXX.XXX
internal_networks 192.168.1.0/24
internal_networks
Matt Kettler wrote:
Daryl C. W. O'Shea wrote:
I get now hints from the logfiles concerning a timeout,
my trusted/internal networks in local.cf are set as follwing
---
trusted_networks 80.123.XXX.XXX
trusted_networks 80.122.XXX.XXX
internal_networks 192.168.1.0/24
Matt Kettler wrote:
Matt Kettler wrote:
Daryl C. W. O'Shea wrote:
I get now hints from the logfiles concerning a timeout,
my trusted/internal networks in local.cf are set as follwing
---
trusted_networks 80.123.XXX.XXX
trusted_networks 80.122.XXX.XXX
Daryl C. W. O'Shea schrieb:
---
trusted_networks 80.123.XXX.XXX
trusted_networks 80.122.XXX.XXX
internal_networks 192.168.1.0/24
internal_networks 192.168.2.0/24
internal_networks 127.0.0.1
---
I am using the SuSE rpm spamassassin-3.1.8-9.2
Is this how I send to the list ?
Daniel Aquino schrieb:
Is this how I send to the list ?
Congratulations you have made it ;-).
--
Grüsse/Greetings
MH
Dont send mail to: [EMAIL PROTECTED]
--
-failing-lint-test-tf3717236.html#a10399185
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
harp2812 wrote:
I have 3 mail servers with relatively identical configurations that I just
upgraded to MailScanner 4.59.4 and SpamAssassin 3.2.0. Two of them are
working fine, however on one of them, sa-compile won't run, due to the
spamassassin --lint check failing.
spamassassin --lint
://www.nabble.com/razor_timeout-in-mailscanner.cf-failing-lint-test-tf3717236.html#a10399367
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
FUN PROJECT:
Help Rob McEwen test his new anti-spam tools!
As many already know... I'm one of a **small** handful of organizations with
authority to blacklist and whitelist at will on SURBL and I've provided
much administrative assistance to SURBL for years, particularly in
preventing false
http://hege.li/howto/spam/spamassassin.html
Remove everything from Botnet.cf RULES-section and set it up this way:
Does the above line mean to remove from the # THE RULES?
regards
The last one is the lowest scoring here, look at the results:
For the first mail:
Content analysis details: (13.2 points, 5.0 required)
pts rule name description
--
--
-0.0 SPF_HELO_PASS SPF: HELO
Can anyone run any of these messages to see how your rules score them?
Mostly stock symbol spam. I've been improving our scoring with updates
today, but still not able to come up with any rules to cover these:
http://esmtp.webtent.net/mail1.txt
http://esmtp.webtent.net/mail2.txt
--- Robert Fitzpatrick [EMAIL PROTECTED] wrote:
Can anyone run any of these messages to see how your rules score
them?
Mostly stock symbol spam. I've been improving our scoring with
updates
today, but still not able to come up with any rules to cover these:
At 01:53 PM 4/9/2007, Robert Fitzpatrick wrote:
Can anyone run any of these messages to see how your rules score them?
Mostly stock symbol spam. I've been improving our scoring with updates
today, but still not able to come up with any rules to cover these:
http://esmtp.webtent.net/mail1.txt
We dont use Botnet anymore, it fires on anything/everything and drives
me nuts.
Content analysis details: (7.5 points, 5.0 required)
pts rule name description
--
--
1.5 FH_RELAY_NODNS We could
Peter Russell wrote the following on 4/9/2007 3:41 PM -0800:
We dont use Botnet anymore, it fires on anything/everything and drives
me nuts.
You must not have Botnet and/or your trusted_networks setup correctly then.
Bill
Bill Landry wrote:
Peter Russell wrote the following on 4/9/2007 3:41 PM -0800:
We dont use Botnet anymore, it fires on anything/everything and
drives me nuts.
You must not have Botnet and/or your trusted_networks setup correctly
then.
Bill
I am running Postfix+Amavisd-new+SA 3.1.7
Robert Fitzpatrick wrote the following on 4/9/2007 4:37 PM -0800:
Bill Landry wrote:
Peter Russell wrote the following on 4/9/2007 3:41 PM -0800:
We dont use Botnet anymore, it fires on anything/everything and
drives me nuts.
You must not have Botnet and/or your trusted_networks setup
I have my trusted network setup correctly - but botnet fires on so many
domains, domains which would normally like to trust.
Yes its entirely possible its not set up right...but i followed the
instructions as best i could.
Bill Landry wrote:
Robert Fitzpatrick wrote the following on
On one server I manage, I found Botnet to be a tremendous help in
tagging spam, but does produce some FPs, almost entirely because of
misconfigured DNS. After notifying several mail/network admins of
their fubar DNS, I got tired of trying to clean up the Internet and
throttled Botnet back to 4.5
an additional test, with a 'sent/recd' email, rather than just a file
test @ cmd_line, shows similarly,
with this image,
http://img181.imageshack.us/img181/2156/spamsc2.gif
attached to an otherwise blank email, on receipt, i see in FuzzyOCR.log,
2007-02-22 14:22:57 [27803] Processing
it ran ok, I sent the spamassassin
test email to myself and it was caught so everything seems to be working
as expected, however I would really like to know why the above error was
thrown.
Regards,
Michael
at the command line myself
expecting the same error but instead it ran ok, I sent the spamassassin
test email to myself and it was caught so everything seems to be working
as expected, however I would really like to know why the above error was
thrown.
Regards,
Michael
The creator of antidrug
to run spamassassin --lint at the command line myself
expecting the same error but instead it ran ok, I sent the spamassassin
test email to myself and it was caught so everything seems to be working
as expected, however I would really like to know why the above error was
thrown.
Regards
rollback because the file antidrug.cf.20070125-0029 did not
exist so I decided to run spamassassin --lint at the command line myself
expecting the same error but instead it ran ok, I sent the spamassassin
test email to myself and it was caught so everything seems to be working
as expected, however
2) pyzor_add_header isn't a valid config option. See perldoc
Mail::SpamAssassin::Plugin::Pyzor for more info. Perhaps you want to just
use the add_header option with the _PYZOR_ tag? (see perldoc
Mail::SpamAssassin::Conf for info on that)
I'm sorry I know how tired people get of
On Sun, Dec 31, 2006 at 05:30:39PM -0500, Vernon Webb wrote:
2) pyzor_add_header isn't a valid config option. See perldoc
Mail::SpamAssassin::Plugin::Pyzor for more info. Perhaps you want to just
use the add_header option with the _PYZOR_ tag? (see perldoc
Mail::SpamAssassin::Conf
That did it thanks. It was in the local.cf file.
In running a lint test on one of my boxes I get the following error which I
can't seem
to figure out why. Pyzor is installed and the path is correct:
[3075] warn: config: failed to parse line, skipping: pyzor_add_header 1
[3075] warn: lint: 1 issues detected, please rerun with debug enabled
In running a lint test on one of my boxes I get the following error which I
can't seem
to figure out why. Pyzor is installed and the path is correct:
[3075] warn: config: failed to parse line, skipping: pyzor_add_header 1
[3075] warn: lint: 1 issues detected, please rerun with debug enabled
I'm using 3.1.4 and I tried removing the line in the v310pre however I am still
get
that error.
assuming you're running a recent 31x ver of SA, that cmd is no longer
the way to enable pyzor ...
rather, this
loadplugin Mail::SpamAssassin::Plugin::Pyzor
is added to init.pre.
Vernon Webb wrote:
I'm using 3.1.4 and I tried removing the line in the v310pre however I am
still get
that error.
Erm, you're not supposed to remove it. You're supposed to ADD it, or if
it's already there, make sure it's not commented out with a #.
assuming you're running a
Erm, you're not supposed to remove it. You're supposed to ADD it, or if
it's already there, make sure it's not commented out with a #.
Well it was there and it was not commented out so I did comment it out but I am
still
get the error.
On Fri, Dec 29, 2006 at 07:56:09PM -0500, Vernon Webb wrote:
Well it was there and it was not commented out so I did comment it out but I
am still
get the error.
Ok, there's 2 things going on here.
1) You need the plugin loaded. It sounds like you have that, if the
loadplugin line is
disregard
Jean-Paul Natola
Network Administrator
Information Technology
Family Care International
588 Broadway Suite 503
New York, NY 10012
Phone:212-941-5300 xt 36
Fax: 212-941-5563
Mailto: [EMAIL PROTECTED]
and do a 'grep HELO *' and see
how much it comes up with.
-Sietse
-Original Message-
From: John van Oppen [mailto:[EMAIL PROTECTED]
Sent: Friday, December 22, 2006 23:54
To: users@spamassassin.apache.org
Subject: test of HELO addresses
So, what I am looking for is a test that looks up
-Original Message-
From: John van Oppen [mailto:[EMAIL PROTECTED]
Sent: Friday, December 22, 2006 5:54 PM
To: users@spamassassin.apache.org
Subject: test of HELO addresses
Received: from cpe-76-190-23-240.woh.res.rr.com (HELO earthlink.net)
(76.190.23.240)
by 0
Michael Scheidell wrote:
-Original Message-
From: John van Oppen [mailto:[EMAIL PROTECTED]
Is there a test that already does this?
SPF
I sure hope the SPF module is NOT using the HELO string for checking.
That would be incredibly broken.
-Original Message-
From: John Rudd [mailto:[EMAIL PROTECTED]
Sent: Saturday, December 23, 2006 10:48 AM
To: Michael Scheidell
Cc: John van Oppen; users@spamassassin.apache.org
Subject: Re: test of HELO addresses
Michael Scheidell wrote:
-Original Message-
From
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
John Rudd wrote:
Michael Scheidell wrote:
-Original Message-
From: John van Oppen [mailto:[EMAIL PROTECTED]
Is there a test that already does this?
SPF
I sure hope the SPF module is NOT using the HELO string for
checking. That would
Michael Scheidell wrote:
-Original Message-
From: John Rudd [mailto:[EMAIL PROTECTED]
Sent: Saturday, December 23, 2006 10:48 AM
To: Michael Scheidell
Cc: John van Oppen; users@spamassassin.apache.org
Subject: Re: test of HELO addresses
Michael Scheidell wrote:
-Original
So, what I am looking for is a test that looks up the HELO address in
DNS and compares it to the IP that it was sourced from.
I have some spam with the following received characteristics which would
have been a great demo for this possible test:
Received: from cpe-76-190-23-240.woh.res.rr.com
] and let the first adress to be
the normal adress of someone, while the second one is the
newsgroup-adress or an old invalid adress which has had a definte life
time. In both cases you can say - if both adresses are appearing, the
mail is spam.
b) Another interesting test may be the real names of thoose
I am using the latest and greatest production ver of SA. In it, there is
an SPF test and I am having issues with what it is comparing to. Below
is the email and the spf record. My emails fail when I remove this
ip4:10.1.3 but pass when I put it in. My issue is why is SA looking at
the original
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Since upgrading my FuzzyOcr from version 2.3b to version 3.4.2 I am seeing
these entries in the logs:
spamd[27790]: rules: failed to run FUZZY_OCR test, skipping:
spamd[27790]: Insecure dependency in require while running with -T switch at
/usr/lib
-Original Message-
From: Christian Recktenwald [mailto:[EMAIL PROTECTED]
Sent: Thursday, November 16, 2006 2:13 AM
To: David B Funk
Cc: users@spamassassin.apache.org
Subject: Re: simple TZ test (Re: current stock scams are easy to spot)
On Wed, Nov 15, 2006 at 11:14:12PM -0600
Michael Scheidell wrote:
Maybe extent the regex?
I'm using /\s[+-]\d\d(?!00|30|45)\d\d$/ which seems to be working well
(though so far all the spam it's hit has been scored pretty high by
other rules anyway).
John.
--
-- Over 3000 webcams from ski resorts around the world -
John Wilcock writes:
Michael Scheidell wrote:
Maybe extent the regex?
I'm using /\s[+-]\d\d(?!00|30|45)\d\d$/ which seems to be working well
(though so far all the spam it's hit has been scored pretty high by
other rules anyway).
SVN trunk has:
header AXB_FAKETZ Date =~
On Thu, 16 Nov 2006, Christian Recktenwald wrote:
On Wed, Nov 15, 2006 at 11:14:12PM -0600, David B Funk wrote:
You're trying too hard.
Look at that 'Date:' header, they've got a bogus time-zone value.
It's syntactically RFC-2822 correct but nonsense.
(One of my favorites was -0480 ;)
On 11/16/2006 12:55 PM, Justin Mason wrote:
John Wilcock writes:
Michael Scheidell wrote:
Maybe extent the regex?
I'm using /\s[+-]\d\d(?!00|30|45)\d\d$/ which seems to be working well
(though so far all the spam it's hit has been scored pretty high by
other rules anyway).
SVN trunk has:
On Fri, 10 Nov 2006, Tony Finch wrote:
They have a forged Received: line which has a by field containing the
domain of the recipient address, a for field which matches the From:
header, and an id field of the form XX-XX-XX (similar to Exim's
queue IDs, though Exim IDs are always
On Wed, Nov 15, 2006 at 11:14:12PM -0600, David B Funk wrote:
You're trying too hard.
Look at that 'Date:' header, they've got a bogus time-zone value.
It's syntactically RFC-2822 correct but nonsense.
(One of my favorites was -0480 ;)
Simple rule, so far no FPs:
# bogus timzones in
disregard
Jean-Paul Natola
Network Administrator
Information Technology
Family Care International
588 Broadway Suite 503
New York, NY 10012
Phone:212-941-5300 xt 36
Fax: 212-941-5563
Mailto: [EMAIL PROTECTED]
On Tuesday, October 31, 2006, 11:24:35 AM, John Hardin wrote:
On Tue, 31 Oct 2006, Kenneth Porter wrote:
--On Tuesday, October 31, 2006 8:28 AM +0100 Giampaolo Tomassoni
[EMAIL PROTECTED] wrote:
Ok. Why not combine an age check with Hardin's spam-friendly registar
plugin?
Where can I
On Wed, 1 Nov 2006, Jeff Chan wrote:
I haven't really offically released it yet.
http://www.impsec.org/~jhardin/SURBL_registrar/
FWIW I attemped to speed read John's code in about 2 seconds but
could not determine what ti had to do with SURBLs. Maybe John
can clarify?
The DNS server
On Mon, 30 Oct 2006, Jeff Chan wrote:
On Monday, October 30, 2006, 11:28:39 PM, Giampaolo Tomassoni wrote:
Ok. Why not combine an age check with Hardin's spam-friendly
registar plugin?
I mean, a brand-new domain from a SFR (Spam-friendly registar)
is really bad (scores 5?).
A
Jeff Chan wrote:
Generally speaking whois queries is a poor way to determine
domain age, at least for client applications. The whois
infrastructure is simply not designed to support the volume of
queries required, even if locally cached.
Perhaps CRISP is part of the answer to this problem.
--On Tuesday, October 31, 2006 8:28 AM +0100 Giampaolo Tomassoni
[EMAIL PROTECTED] wrote:
Ok. Why not combine an age check with Hardin's spam-friendly registar
plugin?
Where can I find out more about this plugin? I searched the wiki for
registrar and it doesn't turn up.
On Tue, 31 Oct 2006, Kenneth Porter wrote:
--On Tuesday, October 31, 2006 8:28 AM +0100 Giampaolo Tomassoni
[EMAIL PROTECTED] wrote:
Ok. Why not combine an age check with Hardin's spam-friendly registar
plugin?
Where can I find out more about this plugin? I searched the wiki for
On Tue, 31 Oct 2006, Giampaolo Tomassoni wrote:
Where can I find out more about this plugin? I searched the wiki for
registrar and it doesn't turn up.
http://www.impsec.org/~jhardin/SURBL_registrar/
It was on an Hardin's message (id
[EMAIL PROTECTED]) sent
yesterday to this list.
601 - 700 of 1032 matches
Mail list logo
