MySQL Student wrote: > Hi, > > After another day of hacking, I have a handful of general questions > that I hoped you could help me to answer. > > - How can I find the score of a particular rule, without having to use > grep? I'm concerned that I might find it at some score, only for it to > be redefined somewhere else that I didn't catch. Something I can do > from the command-line? > No, to be comprehensive you'd have to do a series of greps, one for the default set, site rules, and user_prefs.
You could probably make a little shell script to automate grepping all 3. > - How do I find out what servers razor is using? What is the current > license now that it's hosted on sf, or are the query servers not also > running there? It doesn't list any restrictions on the web site. > Wow.. the razor client has been hosted on SF for a LOOOOOOooooong time.. Like 6 years now? Regardless, the servers are operated by Vipul's company, cloudmark. Try running razor-admin -d -discover. Alternatively, look at razor's server.lst file. > - The large majority of the spam that I receive these days is a result > of a URL not being listed in one of the SBLs. I'm using SURBL, URIBL, > and spamcop. For example, I caught <censored> several hours > ago, and it's still not listed in any of the SBLs. Am I doing > something wrong or am I missing an SBL? Has anyone else's spam with > URLs increased a lot lately? > Note: domain censored, verizon's spam outbreak controls won't let me send the message with that domain in it right now. URIBLs have some inherent lag, and spammers are playing a race game with the URIBLs, trying to change domains faster than they get listed. Fortunately, the domain registrations cost the spammers money, so increasing the number of those they need is good. Personally, I find bayes tends to clean up most of what gets missed, although I auto-feed my bayes using spamtrap addresses that automatically submit to sa-learn --spam, resulting in very fresh spam training. Looking at uribl, they've currently got it listed in URIBL gold, but that's a non-free list of theirs. It's also a "proactive" list, so it will list domains before they send spam, making it more effective against mutating runs, but also might toss a FP or two on new domains. > Thanks, > Alex > > >
