Would you be able to share your regexp? I'm struggling to update my regexp to
catch the .php :)
Thanks
-------- Original Message --------
Subject: Re: Hacked Wordpress sites & Cryptolocker (03-Sep-2014 18:59)
From: David F. Skoll <d...@roaringpenguin.com>
To: spamassassin-li...@spectrumcs.net
> On Wed, 3 Sep 2014 10:49:50 -0700 (PDT)
> John Hardin <jhar...@impsec.org> wrote:
>
> > On Wed, 3 Sep 2014, David F. Skoll wrote:
>
> > > I think the FPs can be almost eliminated if we additionally insist
> > > the URL contain ".php" somwehere after the /wp-*/ component.
>
> > Right. That's what I'm adding to the versions I'm putting in my
> > sandbox.
>
> I'm testing versions that insist on .php and am getting very good
> results. Thanks to the OP for pointing this out!
>
> Regards,
>
> David.
>
>
> To: users@spamassassin.apache.org
To: d...@roaringpenguin.com
users@spamassassin.apache.org
DISCLAIMER
This email is for the use of the intended recipient(s) only. If you have
received this email in error, please notify the sender immediately and then
delete it.
If you are not the intended recipient, you must not keep, use, disclose, copy
or distribute this email without the authors prior permission.
We have taken precautions to minimise the risk of transmitting software
viruses, but we advise you to carry out your own virus checks on any attachment
to this message.
We cannot accept liability for any loss or damage caused by software viruses.
The information contained in this communication may be confidential and may be
subject to the attorney-client privilege.
If you are the intended recipient and you do not wish to receive similar
electronic messages from us in future then please respond to the sender to this
effect.
