On Tue, 18 Dec 2018, Mark London wrote:
However, I think the BITCOIN_PAY_ME rule need a bit of fine tuning, to catch other emails. Like the one below, which escaped triggering the rule.
That one is, intentionally, simple.
A constant battle between spam rules, and bad English grammar.
...or even good, yet complex, English grammar. Nowhere does this one *directly* say "send me $X or you're dead."
If there was some other clear wording of the "send me money" concept, it would be reasonable to extend "BITCOIN_PAY_ME" to cover that.
Maybe I should say the hell with it, and simply block any email sent to me, with a bitcoin address in it. :) - Mark
Bitcoin whitelisting is trending to become the correct approach. That's easy:
meta BITCOIN_POISONED __BITCOIN_ID && !__LOCAL_BITCOIN_WHITELIST score BITCOIN_POISONED 10.000 # poison pill __LOCAL_BITCOIN_WHITELIST is an exercise for the student... :) -- John Hardin KA7OHZ http://www.impsec.org/~jhardin/ jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 ----------------------------------------------------------------------- "Bother," said Pooh as he struggled with /etc/sendmail.cf, "it never does quite what I want. I wish Christopher Robin was here." -- Peter da Silva in a.s.r ----------------------------------------------------------------------- 6 days until Christmas
