It seems that the new domains are appearing faster than I can keep up.
Continual manual updates by every SA admin seems unfeasible.
How does SA solve this problem?
> On Oct 13, 2015, at 2:33 AM, Paul Stead <paul.st...@zeninternet.co.uk> wrote:
>
> On 12/10/15 19:15, Larry Goldman wrote:
>> On Oct 2, 2015 6:47:41 am
>> RW wrote:
>>
>>>> On Thu, 1 Oct 2015 18:53:16 -0700
>>>> Larry Goldman wrote:
>>>> I?m running SpamAssassin on CPanel shared hosting (GoDaddy). For
>>>> several weeks, I?ve been inundated with spam from various new
>>>> top-level domains: .date, .win,, .faith, .racing. CPanel has options
>>>> for specifiying SpamAssassin rules, but no other configuration files
>>>> are readily available for modification.
>> Can you tell me more about rule updates?
>> Where are current rules documented?
> The improvements mentions are for detection of these new TLDs so that
> the URIs can be queried against blocklists and rules can be written for them
>> The problem I’m trying to solve is an avalanche of spam being sent
>> from various “new” top level domains, as enumerated in my original
>> post. What SA rule will remove these?
>
> I have something like the following:
>
> enlist_uri_host (NEWSPAMMY) date
> enlist_uri_host (NEWSPAMMY) win
> enlist_uri_host (NEWSPAMMY) faith
> enlist_uri_host (NEWSPAMMY) racing
>
> header PDS_OTHER_BAD_TLD eval:check_uri_host_listed('NEWSPAMMY')
> score PDS_OTHER_BAD_TLD 0.1
> describe PDS_OTHER_BAD_TLD Other untrustworthy TLDs
>
> --
> Paul Stead
> Systems Engineer
> Zen Internet
