> On Fri, 2011-10-28 at 02:07 +0200, Loic Condette wrote:
>> I just received a spam which match the following rules:
>
> Are we really talking about a single spam message that slipped past SA?
Yes, indeed. May I ask why?
>
>> The problem here is that I could not find a description for the
>> following
>> rules...
> [...]
>> So I can't really know what these rules match and tweak their scores.
>
> Use the source, Luke.
>
> Rules are generally just regular expressions, matched against some
> defined portions of the message. Or logical expressions of other rules.
> And you got the rules. (And the docs.)
>
> While noting that some descriptions lack information might be legit
> indeed, I believe no one should "tweak the scores" merely going by the
> description, not understanding what the rule fundamentally matches and
> thus scores. In cases like the mentioned rules, a good understanding of
> RFCs and actually observed behavior in ham and spam also is vital.
Well, honestly, please forgive me but I'm not (yet) the kind to be able to
decode your sig.
Does that mean that i do not have the right to use SA?
You probably should hunt cellphone users for using their cellphone without
knowing anything about SS7 :)
>
>
> --
> char
> *t="\10pse\0r\0dtu\0.@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
> main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8?
> c<<=1:
> (c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0;
> }}}
>
>
--
Yanek
