Anybody have a rule for these ones?

 

 http://hasle.progenyid-com

 

Important: Replace "-" with "." in the above link

 

  _____  

From: Simon Marcil [mailto:[EMAIL PROTECTED] 
Sent: February 5, 2007 10:07 AM
To: Martin.Hepworth
Cc: users@spamassassin.apache.org
Subject: RE: Spam making it through

 

Thank you very much Martin. It has already been triggered twice…

 

 

Simon Marcil
 [EMAIL PROTECTED]

 

S3 Technologies inc.
3445 Parc Suite 201
Montreal (Québec)
Canada, H2X 2H6

 

T. (514) 284-6262

C. (514) 570-7066

F. (514) 281-8982

 

 www.s3tech.ca

  _____  

From: Martin.Hepworth [mailto:[EMAIL PROTECTED] 
Sent: February 5, 2007 9:25 AM
To: Simon Marcil; users@spamassassin.apache.org
Subject: RE: Spam making it through

 

 

Simon

 

I use this rule to find URLs with illegal characters in them.

 

# 2007-01-24 new rules (adapted from Henrik Krohns
# <[EMAIL PROTECTED]> on SA list)
# http:// [user [:password] @]
# <legal uri characters> + <1 illegal char> + <legal chars>
# + (<end of uri> or / or ? or :<port>)
uri             local_OBFUDOM           /https?:\/\/([a-z0-9._\-]{1,30}(:[a-z0-9._\-]{1,30})?\@)?[a-z0-9._\-]{1,30}[^a-z0-9._\-\/:'[EMAIL PROTECTED],30}(?:$|\/|\?|:[0-9])/i
describe        local_OBFUDOM           Domain contains illegal characters
score           local_OBFUDOM           1.1

body            __obfdomreq1            /\b(?:remove|replace|substitute)\b/i
body            __obfdomreq2            /(?:\bdomain\b|\baddress\b|"[^"]"|'[^']')/i
body            __obfdomreq3            /\bImportant!/i
meta            __obfudomreq            (__obfdomreq1 + __obfdomreq2 + __obfdomreq3) > 1
meta            local_OBFDOMREQ         (local_OBFUDOM && __obfudomreq)
describe        local_OBFDOMREQ         Request to modify obfuscated domain
score           local_OBFDOMREQ         3.1

 

 

tune scores to best results yourself…

--
Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300 

  _____  

From: Simon Marcil [mailto:[EMAIL PROTECTED] 
Sent: 05 February 2007 14:22
To: users@spamassassin.apache.org
Subject: {Disarmed} Spam making it through

 


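Added example (not part of the original thread, and not the posters' rules): a Python restatement of the rule logic above, run over constructed sample messages, showing that the illegal-character URI test stays silent when "-" stands in for "." while the body cues still fire, and what an extra host check for that case could look like. The TLD list, the `classify` helper and the sample messages are assumptions made for illustration; the URI test is a simplified stand-in for the thread's regex, part of which the archive has redacted.

```python
import re

# Assumption: illustrative TLD list, not exhaustive.
COMMON_TLDS = ("com", "net", "org", "info", "biz")

# Host part of an http(s) URL, skipping optional user[:password]@.
URL_RE = re.compile(r"https?://(?:[^\s/@]+@)?([^\s/?#:]+)", re.I)
# Simplified stand-in for local_OBFUDOM: any character outside the legal set.
ILLEGAL_HOST_CHAR = re.compile(r"[^a-z0-9._\-]", re.I)
# Hypothetical extra check: host ends in "-tld" where ".tld" would be expected.
HYPHEN_TLD = re.compile(r"-(?:%s)$" % "|".join(COMMON_TLDS), re.I)

# The three body cues, copied from __obfdomreq1..3 in the thread.
CUES = (
    re.compile(r"\b(?:remove|replace|substitute)\b", re.I),
    re.compile(r"""(?:\bdomain\b|\baddress\b|"[^"]"|'[^']')""", re.I),
    re.compile(r"\bImportant!", re.I),
)

def classify(message):
    """Report which checks fire for one message body."""
    hosts = [m.group(1).rstrip(".,)>") for m in URL_RE.finditer(message)]
    illegal = any(ILLEGAL_HOST_CHAR.search(h) for h in hosts)
    hyphen_tld = any(HYPHEN_TLD.search(h) for h in hosts)
    # Same threshold as the meta rule: more than one cue must match.
    request = sum(1 for cue in CUES if cue.search(message)) > 1
    return {
        "illegal_char": illegal,
        "hyphen_tld": hyphen_tld,
        "request": request,
        "flag": (illegal or hyphen_tld) and request,
    }

# Constructed sample messages (example domains only).
SAMPLES = {
    "hyphen_for_dot": 'Visit http://shop.example-com\n'
                      'Important: Replace "-" with "." in the above link',
    "illegal_char": "Important! Remove the * from the address "
                    "http://shop.exam*ple.com/ to visit",
    "benign": "Our new address is http://www.my-shop.example.com/contact",
}

if __name__ == "__main__":
    for name, body in SAMPLES.items():
        print(name, classify(body))
```

The hyphen-for-dot sample matches two of the three cues (the verb and the quoted single character; `Important:` does not match `Important!`), so only the URI side of the meta rule needs extending for that variant.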