| Main Archive Page > Month Archives > spamassassin-users archives |
Re: Regex help
From: Adam Katz <antispam_at_nospam>Date: Fri Apr 22 2011 - 18:22:20 GMT
To: users@spamassassin.apache.org
Getting back to a viable solution to your actual spam problem...
> Adam Katz wrote:
>> How about this rule instead:
>>
>> blacklist_from *@regionstargpsupdates.com
On 04/21/2011 04:37 PM, Kevin Miller wrote:
> Yes, but then I'm playing whack-a-mole. Looking at the spam in html
> format (i.e., in the original email) one can see a similarities in
> style - probably produced from a template. But the domain varies
> widely. I may get anywhere from a half dozen to several dozen from
> any one domain, then never see that domain again. Classic botnet
> behaviour. These guys cycle through domains and from addresses
> regularly.
Okay, I couldn't tell that from your single sample. Perhaps you can
post a few more?
If it's easier to post in one pass, you can use the following shell code
(as adjusted to include the proper files rather than my guesses) to
generate a fake mbox file (/tmp/dump) and then paste that into a pastebin:
for msg in p3LJZSnX024470 p3LJZSnX024471 p3LJZSnX024472 p3LJZSnX024473;
do echo "From $msg@KM" >>/tmp/dump; cat "$msg" >>/tmp/dump; done
Fun note: pastebin.com now supports email syntax highlighting!