On Fri, May 12, 2023 at 08:31:19AM -0400, Greg Troxel wrote:
>
> It might be more common, but it's very surprising to me, because the
> manual page documents that () works
Let's face it, lot of the stuff in SA including documentation is probably
over decade old. And documentation is always the
Henrik K writes:
> On Fri, May 12, 2023 at 07:12:35AM -0400, Greg Troxel wrote:
>> Henrik K writes:
>>
>> > From what I've seen, it's very uncommon to use this format. Why rely on
>> > some vague previously defined score, which can change at any time? Just
>> > set
>> > a static score you
On Fri, May 12, 2023 at 07:12:35AM -0400, Greg Troxel wrote:
> Henrik K writes:
>
> > From what I've seen, it's very uncommon to use this format. Why rely on
> > some vague previously defined score, which can change at any time? Just set
> > a static score you like and fits your system.
>
>
Henrik K writes:
> From what I've seen, it's very uncommon to use this format. Why rely on
> some vague previously defined score, which can change at any time? Just set
> a static score you like and fits your system.
It's not vague; it's the score which is defined by the distributed
rules.
On Thu, May 11, 2023 at 11:21:20AM -0400, Greg Troxel wrote:
>
> But is it good practice for the main distributed rules to rely on this
> default? It feels like a lint/pedantic error to define a rule that is
> not T_ or __ and does not have an assigned score. But maybe this is
> common and
Try something like this if I understand you correctly trying to score is a
__ rule:
meta OBFU_UNSUB_UL ( __OBFU_UNSUB_UL >=1 )
There are plenty of rules that are designed to be conditions in other meta
rules. Now that you've created a rule that relies on that condition you can
score the meta
Matus UHLAR - fantomas writes:
> On 11.05.23 10:58, Greg Troxel wrote:
>>I am seeing a lot of "claim your prize from X", where X is a known
>>company, coming from fresh foo.autos domains. I bet y'all are seeing
>>this too. Until these get on blocklists they don't score that high.
>>
>>One rule
On 11.05.23 10:58, Greg Troxel wrote:
I am seeing a lot of "claim your prize from X", where X is a known
company, coming from fresh foo.autos domains. I bet y'all are seeing
this too. Until these get on blocklists they don't score that high.
One rule that does hit is
OBFU_UNSUB_UL
which is
I am seeing a lot of "claim your prize from X", where X is a known
company, coming from fresh foo.autos domains. I bet y'all are seeing
this too. Until these get on blocklists they don't score that high.
One rule that does hit is
OBFU_UNSUB_UL
which is defined in 72_active.cf as meta, and
