Re: Spam and the Internet [Was: xxxl spam]

2006-04-17 Thread Alan Premselaar
Matt Kettler wrote: ...snip... Here's one, if you want to see it: http://mywebpages.comcast.net/mkettler/spam.jpg There's pretty close to zero chance that anyone in the US is going to hop on a plane and fly to Guatemala to buy ordinary lawn

Re: Non-English languages (was: xxxl spam)

2006-04-14 Thread John Rudd
On Apr 13, 2006, at 9:46 PM, Kenneth Porter wrote: On Thursday, April 13, 2006 10:32 PM -0600 Paul R. Ganci [EMAIL PROTECTED] wrote: Unfortunately I am still a linguistic idiot and only speak English ... a Buffalo, NY version at that! My grand parents came over from Italy in 1920 and

Re: xxxl spam

2006-04-14 Thread Philip Prindeville
mouss wrote: and I've got plenty of users that speak multiple languages, not all of which use plain-ascii. I guess so. now I'm not sure our situation isn't worse because people tried to find non standard solutions that are still used. I still remember the days when some customers

Re: Non-English languages (was: xxxl spam)

2006-04-14 Thread Roger Taranto
On Thu, 2006-04-13 at 23:38, John Rudd wrote: And, reiterating Kenneth's question: Anyone have advice for an almost middle-aged person who wants to go about expanding his natural language capabilities? There was an article in Newsweek a few weeks back about language immersion vacations.

Re: xxxl spam

2006-04-14 Thread Michael Monnerie
On Freitag, 14. April 2006 06:32 Paul R. Ganci wrote: Start young when it is easy for kids to pick up the sounds. Yes, my daughter has the advantage of learning German with me, French with my wife, and later at school she will learn English anyway. Still, people in Belgium have it more easy:

Re: Non-English languages (was: xxxl spam)

2006-04-14 Thread Manuel Giorgini
[2006-04-14 08:38:46] John Rudd, I wish to start by greeting the list; I am a recent addition and I have been lurking for the past two weeks. You guys already make enough traffic. :-) JR And, reiterating Kenneth's question: Anyone have advice for an almost JR middle-aged person who wants to go

Re: Non-English languages (was: xxxl spam)

2006-04-14 Thread Michael Monnerie
On Freitag, 14. April 2006 06:46 Kenneth Porter wrote: To those of you who've successfully learned 2nd and 3rd languages as an adult, what do you recommend for accomplishing that? There are books called Assimil, because you just assimilate the language with them, learning in a very natural way

Re: Non-English languages (was: xxxl spam)

2006-04-14 Thread Manuel Giorgini
[2006-04-14 06:46:51] Kenneth Porter, KP To those of you who've successfully learned 2nd and 3rd languages as an KP adult, what do you recommend for accomplishing that? As soon as you finish the basic/intermediate courses, find a penpal, or more than one, as soon as you can. With the Internet

Re: xxxl spam

2006-04-14 Thread John Rudd
On Apr 14, 2006, at 12:40 AM, Michael Monnerie wrote: On Freitag, 14. April 2006 06:32 Paul R. Ganci wrote: Start young when it is easy for kids to pick up the sounds. Yes, my daughter has the advantage of learning German with me, French with my wife, and later at school she will learn

Re: Non-English languages (was: xxxl spam)

2006-04-14 Thread Ham
On Thu, 2006-04-13 at 23:38, John Rudd wrote: And, reiterating Kenneth's question: Anyone have advice for an almost middle-aged person who wants to go about expanding his natural language capabilities? There was an article in Newsweek a few weeks back about language immersion vacations.

Re: xxxl spam

2006-04-13 Thread hamann . w
Hi, to read this in other words: while certain analysts (and definitely microsoft marketing) claim that about 50 % of all servers is running windows, these figures tend to say that real mail servers (those that deliver the ham part of mail) rarely ever run XP but that this OS is the best

Re: xxxl spam

2006-04-13 Thread Daryl C. W. O'Shea
Mark Martinec wrote: The most interesting part in my view is not the IP distance, but the type of OS, illustrated by the following table (derived from the same data as fig2): p0f OS guess ham : spam - Windows-XP 0.7 % : 99.3 % Windows-2000

Re: xxxl spam

2006-04-13 Thread Loren Wilton
to read this in other words: while certain analysts (and definitely microsoft marketing) claim that about 50 % of all servers is running windows, these figures tend to say that real mail servers (those that deliver the ham part of mail) rarely ever run XP but that this OS is the best

Re: xxxl spam

2006-04-13 Thread Mark Martinec
Wolfgang, Loren, real mail servers (those that deliver the ham part of mail) rarely ever run XP but that this OS is the best candidate for creating a spam zombie Not completely unreasonable. XP is targeted within MS as a personal or very small company OS. The equivalent of a linux/unix

Re: xxxl spam

2006-04-13 Thread Daryl C. W. O'Shea
Mark Martinec wrote: I guess Windows Server 2003 is reported as Windows 2000, but I don't know. Certainly a couple of very large sites are seen as Windows 2000. In the UNKNOWN category there must be a mix of Windows and Unix hosts, not sure what is unusual about them. Mark Hmm... FWIW:

Re: xxxl spam

2006-04-13 Thread John Rudd
On Apr 13, 2006, at 12:12 AM, Loren Wilton wrote: I'd like to venture the suggestion that the percentage of spam from XP isn't necessarily an indication of inherent bugginess. It is more an indication that it is an OS for Clueless Noobs who haven't a clue about maintaining a system,

Re: xxxl spam

2006-04-13 Thread mouss
John Rudd wrote: While I don't disagree with your assessment of XP systems, I have a different hunch about why such a large percentage of the mail coming from XP systems is spam, and a smaller percentage of mail coming from the other systems is spam: a) In general, XP systems are not

Re: xxxl spam

2006-04-13 Thread John Rudd
On Apr 13, 2006, at 9:56 AM, mouss wrote: I am also seeing many legit mail triggering some SA rules (*_exess, no_real_name, x_library, ...). when I see this, I check the rule, and if I can't find a justification, I disable it. I wouldn't do that. Just because legitimate mail triggers

Re: xxxl spam

2006-04-13 Thread Matt Kettler
mouss wrote: I also understand that US guys may get less encoded subjects, but at least in .fr, we have that all the time (because of our accented letters, and because many companies still use software that predates mime). and if I find a legitimate IP in a dnsbl used by SA, then I just

Re: xxxl spam

2006-04-13 Thread mouss
Matt Kettler wrote: mouss wrote: I also understand that US guys may get less encoded subjects, but at least in .fr, we have that all the time (because of our accented letters, and because many companies still use software that predates mime). and if I find a legitimate IP in a dnsbl used by SA,

Re: xxxl spam

2006-04-13 Thread Matt Kettler
mouss wrote: However, it is true that the vast majority of the corpus currently comes from folks who speak English (King's or Yankee) as a primary language, and that's a bit of a problem as it creates considerable bias in the rules. And even us US folks do have encoding issues. After all,

Re: xxxl spam

2006-04-13 Thread John Rudd
On Apr 13, 2006, at 11:40 AM, mouss wrote: Matt Kettler wrote: And even us US folks do have encoding issues. After all, English is not our official language here in the US, what do you mean here? what would be your official language? The US doesn't have an official language. By

Re: xxxl spam

2006-04-13 Thread Loren Wilton
states like California where it could matter (reducing costs in govt overhead by eliminating multiple languages and the requirement for multilingual workers), the English as state language supporters are afraid of what almost happened in Florida. Considering that at last census a minority of

Re: xxxl spam

2006-04-13 Thread Paul R. Ganci
Loren Wilton wrote: I predict that the US will be the first country in the 21st century to abandon English as the national language, while almost all other countries seem to be mandating that their citizens learn English. Loren The problem with the US is that we are linguistic idiots

Non-English languages (was: xxxl spam)

2006-04-13 Thread Kenneth Porter
On Thursday, April 13, 2006 10:32 PM -0600 Paul R. Ganci [EMAIL PROTECTED] wrote: Unfortunately I am still a linguistic idiot and only speak English ... a Buffalo, NY version at that! My grand parents came over from Italy in 1920 and promptly stopped speaking Italian around my parents. It

Re: xxxl spam

2006-04-12 Thread Justin Mason
Theo Van Dinter writes: On Tue, Apr 11, 2006 at 02:14:26PM -0400, Matt Kettler wrote: Well, SA automatically ignores attachments in recent versions. However, hash-based plugins like razor, dcc, and pyzor work best when seeing all the attachments. For completeness, the first sentence

Re: xxxl spam

2006-04-12 Thread Justin Mason
That's excellent data! Mind if I forward that around to another list or two? The hops measurement is particularly interesting. Have you got that implemented as a working rule, in the field? is it expensive? --j. Mark Martinec writes: mouss wrote: since most filters skip large messages,

Re: Spam and the Internet [Was: xxxl spam]

2006-04-12 Thread Justin Mason
Matt Kettler writes: These spams I get from .gt don't offer any kind of online ordering. They are ads that you'd have to physically travel to the store in Guatemala to take advantage of them. They're ordinary weekly sales fliers for an ordinary local store that's so small that only 6 cars can

Re: xxxl spam

2006-04-12 Thread Mark Martinec
Justin, Mark Martinec writes: As a curiosity (but off topic), harvesting results from p0f (passive operating system fingerprinting), here are two more: http://www.ijs.si/software/amavisd/fig1.gif Spam score vs. IP distance in hops (our server is in European academic network

xxxl spam

2006-04-11 Thread mouss
since most filters skip large messages, it may be tempting for spammers to send large messages: - using a large but invisible part (either by using mime and putting a large text part in an alternative mime, or using invisible chars before their own text). - using a large image - large

Re: xxxl spam

2006-04-11 Thread Matt Kettler
mouss wrote: since most filters skip large messages, it may be tempting for spammers to send large messages: - using a large but invisible part (either by using mime and putting a large text part in an alternative mime, or using invisible chars before their own text). - using a large

Re: xxxl spam

2006-04-11 Thread Theo Van Dinter
On Tue, Apr 11, 2006 at 02:14:26PM -0400, Matt Kettler wrote: Well, SA automatically ignores attachments in recent versions. However, hash-based plugins like razor, dcc, and pyzor work best when seeing all the attachments. For completeness, the first sentence isn't exactly true. SA

Re: xxxl spam

2006-04-11 Thread Matt Kettler
Theo Van Dinter wrote: On Tue, Apr 11, 2006 at 02:14:26PM -0400, Matt Kettler wrote: Well, SA automatically ignores attachments in recent versions. However, hash-based plugins like razor, dcc, and pyzor work best when seeing all the attachments. For completeness, the first sentence isn't

Re: xxxl spam

2006-04-11 Thread Theo Van Dinter
On Tue, Apr 11, 2006 at 02:46:41PM -0400, Matt Kettler wrote: Of course, this can't work if you're using any kind of encapsulation options in report_safe, but since MailScanner does all the markup itself, it doesn't hurt it to send Mail::SpamAssassin a truncated version. Converting this to

Re: xxxl spam

2006-04-11 Thread Matt Kettler
Theo Van Dinter wrote: On Tue, Apr 11, 2006 at 02:46:41PM -0400, Matt Kettler wrote: Of course, this can't work if you're using any kind of encapsulation options in report_safe, but since MailScanner does all the markup itself, it doesn't hurt it to send Mail::SpamAssassin a truncated

Re: xxxl spam

2006-04-11 Thread Mark Martinec
mouss wrote: since most filters skip large messages, it may be tempting for spammers to send large messages: I did some statistical analysis few weeks ago with SA 3.1.1 (SA called from amavisd-new, but that is beside the point). Please see: http://www.ijs.si/software/amavisd/fig4.gif

relay distance and spam [was xxxl spam]

2006-04-11 Thread mouss
Mark Martinec wrote: http://www.ijs.si/software/amavisd/fig1.gif Spam score vs. IP distance in hops (our server is in European academic network Geant) This one is amazing. there seems to be an empty space (most mail has nhops = 10 or = 14). I would guess that most ham with large

RE: relay distance and spam [was xxxl spam]

2006-04-11 Thread Matthew.van.Eerde
mouss wrote: I would conjecture that most legitimate mail has two real hops (the sending MTA and the receiving MTA). That would be one hop.

Re: xxxl spam

2006-04-11 Thread Kenneth Porter
On Tuesday, April 11, 2006 2:14 PM -0400 Matt Kettler [EMAIL PROTECTED] wrote: I've not seen it with dummy text, but I have seen the large image spam. However, it's very rare. The problem being that if you're a large-volume spammer, large messages take a longer time to send, and thus reduce

greetpause was Re: xxxl spam

2006-04-11 Thread Michele Neylon:: Blacknight.ie
Kenneth Porter wrote: You can also impose this cost on spammers by enabling the GreetPause feature in the more recent versions of sendmail. This tells sendmail not to answer right away when receiving a connection, and to drop the connection if anything is received before the greeting is sent

Re: greetpause was Re: xxxl spam

2006-04-11 Thread Mike Jackson
You can also impose this cost on spammers by enabling the GreetPause feature in the more recent versions of sendmail. This tells sendmail not to answer right away when receiving a connection, and to drop the connection if anything is received before the greeting is sent out. This punishes slammer

Re: greetpause was Re: xxxl spam

2006-04-11 Thread mouss
Mike Jackson wrote: You can also impose this cost on spammers by enabling the GreetPause feature in the more recent versions of sendmail. This tells sendmail not to answer right away when receiving a connection, and to drop the connection if anything is received before the greeting is sent out.

Re: relay distance and spam [was xxxl spam]

2006-04-11 Thread mouss
[EMAIL PROTECTED] wrote: mouss wrote: I would conjecture that most legitimate mail has two real hops (the sending MTA and the receiving MTA). That would be one hop. depends on how you count: MUA - my MTA1 - your MTA - your mailbox that's two MTAs, so that's two hops. I prefer to

RE: greetpause was Re: xxxl spam

2006-04-11 Thread Matthew.van.Eerde
mouss wrote: so greetpause will certainly stop some ratware spam, but is not a full solution. Agreed. Spammers have access to all the free CPU bandwidth and processing time they can steal - legitimate MTAs are limited to a budget. Any anti-spam solution that simply rewards CPU and bandwidth

Re: relay distance and spam [was xxxl spam]

2006-04-11 Thread Kelson
mouss wrote: - multiple internal hops at either sender or receiver (I have N Received headers added by my own MTA. and for mail fetched from an MSP, there are still more). Actually, if I'm reading this right, it's the number of IP hops between the sending server and the receiving server --

Re: relay distance and spam [was xxxl spam]

2006-04-11 Thread Mathias Homann
Am Dienstag, 11. April 2006 22:28 schrieb mouss: [EMAIL PROTECTED] wrote: mouss wrote: I would conjecture that most legitimate mail has two real hops (the sending MTA and the receiving MTA). That would be one hop. depends on how you count: MUA - my MTA1 - your MTA - your

RE: relay distance and spam [was xxxl spam]

2006-04-11 Thread Matthew.van.Eerde
Kelson wrote: Actually, if I'm reading this right, it's the number of IP hops between the sending server and the receiving server -- in other words, how many lines you'd see if you were on the receiving server and ran traceroute to the sending MTA. Ah... that makes much more sense :) --

Spam and the Internet [Was: xxxl spam]

2006-04-11 Thread mouss
Matt Kettler wrote: There's only one spammer that's done this to me. There's some group of stores in Guatemala that sends me high-res scans of their newspaper. Consejeros en Finanzas Empresariales, some kind of bank La Cuacao - some kind of electronics shop? or an eye doctor? cefesa hardware

Re: Spam and the Internet [Was: xxxl spam]

2006-04-11 Thread Matt Kettler
mouss wrote: Matt Kettler wrote: Why anyone in Guatemala thinks I'll visit their store to spend Q. 22 on a patio log fake fire log or Q. 85 on a generic brand weed and feed fertilizer is beyond me. dunno, but I can tell you that the net is full of people who love me and want me good.

Re: relay distance and spam [was xxxl spam]

2006-04-11 Thread Mark Martinec
On Tuesday April 11 2006 23:17, Kelson wrote: mouss wrote: - multiple internal hops at either sender or receiver (I have N Received headers added by my own MTA. and for mail fetched from an MSP, there are still more). Actually, if I'm reading this right, it's the number of IP hops

RE: greetpause was Re: xxxl spam

2006-04-11 Thread Kenneth Porter
On Tuesday, April 11, 2006 1:37 PM -0700 [EMAIL PROTECTED] wrote: Agreed. Spammers have access to all the free CPU bandwidth and processing time they can steal - legitimate MTAs are limited to a budget. Any anti-spam solution that simply rewards CPU and bandwidth spent* is playing into the