spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jason Haar <Jason_H...@trimble.com>
Subject Re: 10_MBL.cf
Date Tue, 16 Sep 2014 20:17:30 GMT
On 17/09/14 06:13, Axb wrote:
> MBL has a history of borked ClamAV signatures exploding .cf files
>
> The idea of creating HUGE static files for URIs is reminds be of the
> times when Bill Stearns and Chris Santerre did something like it named
> BigEvil.cf , before the SpamcopURI plugin and SURBL showed  up... when
> was that? 2002? 2003?
>
The problem they face is that SURBL checks only work on domains - not
the "deep" URLs that contain malware/etc. So they are left with SA
regex. But you are correct - I gave it a test run and it totally nails spamd

It's still a good concept. Perhaps what we need is a URL RBL - maybe
lowercase-and-base64 dodgy URLs and then make a RBL that points to them?


-- 
Cheers

Jason Haar
Corporate Information Security Manager, Trimble Navigation Ltd.
Phone: +1 408 481 8171
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1



Mime
View raw message