You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by John Hardin <jh...@impsec.org> on 2009/10/03 01:55:28 UTC
Update of ADVANCE_FEE
All:
As some of you may have noticed, I've been playing around with
lots-of-money and various lottery and fraud rules in my sandbox, and been
getting passably good results.
I noticed that several other sandboxes have similar rules - and I've been
shamelessly snitching bits of others' lots-of-money-style rules to improve
my own.
I am preparing to do a re-evolve of the ADVANCE_FEE rules based on the
rulesets I've developed and probably a few __MUMBLE rules picked from
others' sandboxes. I hope to have a first attempt sometime Sunday, if the
nightly masschecks use my updated rules overnight tonight. The results
will be posted to my sandbox for eval. If things go well I'll offer the
new rules as a bug for consideration.
Just FYI.
In support of this: Is there an easy way to grab all the log files from a
given nightly masscheck run?
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
The problem is when people look at Yahoo, slashdot, or groklaw and
jump from obvious and correct observations like "Oh my God, this
place is teeming with utter morons" to incorrect conclusions like
"there's nothing of value here". -- Al Petrofsky, in Y! SCOX
-----------------------------------------------------------------------
Approximately 9095580 firearms legally purchased in the U.S. this year
Re: Update of ADVANCE_FEE
Posted by John Hardin <jh...@impsec.org>.
On Fri, 2 Oct 2009, Warren Togami wrote:
> On 10/02/2009 10:21 PM, John Hardin wrote:
>> On Sat, 3 Oct 2009, Mark Martinec wrote:
>>
>> > On Saturday October 3 2009 01:55:28 John Hardin wrote:
>> > > In support of this: Is there an easy way to grab all the log files
>> > > from a
>> > > given nightly masscheck run?
>> >
>> > That should do I suppose:
>> >
>> > rsync -av --old-d rsync://jhardin@rsync.spamassassin.org/corpus/
>> > wherever/
>>
>> {attempts to drink from firehose}
>>
>> How about this:
>>
>> rsync -avz --old-d
>> rsync://jhardin@rsync.spamassassin.org/corpus/*am-bb-*.log .
>
> If you rsync from there, you might be getting partial results from different
> days of masschecks?
>
> It seems that the ruleqa system copies and gzip's logs for each day
> elsewhere. That is the data you really want if you want a particular day of
> masschecks?
Probably, yes.
This might be sufficient, though - it looks like *.log are stable, and
*.log~ are being written to. I've rsync'd a couple of times and the *.log
files aren't coming down every time.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Gun Control enables genocide while doing little to reduce crime.
-----------------------------------------------------------------------
Approximately 9101100 firearms legally purchased in the U.S. this year
Re: Update of ADVANCE_FEE
Posted by Warren Togami <wt...@redhat.com>.
On 10/02/2009 10:21 PM, John Hardin wrote:
> On Sat, 3 Oct 2009, Mark Martinec wrote:
>
>> On Saturday October 3 2009 01:55:28 John Hardin wrote:
>>> In support of this: Is there an easy way to grab all the log files
>>> from a
>>> given nightly masscheck run?
>>
>> That should do I suppose:
>>
>> rsync -av --old-d rsync://jhardin@rsync.spamassassin.org/corpus/
>> wherever/
>
> {attempts to drink from firehose}
>
> How about this:
>
> rsync -avz --old-d
> rsync://jhardin@rsync.spamassassin.org/corpus/*am-bb-*.log .
>
If you rsync from there, you might be getting partial results from
different days of masschecks?
It seems that the ruleqa system copies and gzip's logs for each day
elsewhere. That is the data you really want if you want a particular
day of masschecks?
Warren
Re: Update of ADVANCE_FEE
Posted by John Hardin <jh...@impsec.org>.
On Sat, 3 Oct 2009, Mark Martinec wrote:
> On Saturday October 3 2009 01:55:28 John Hardin wrote:
>> In support of this: Is there an easy way to grab all the log files from a
>> given nightly masscheck run?
>
> That should do I suppose:
>
> rsync -av --old-d rsync://jhardin@rsync.spamassassin.org/corpus/ wherever/
{attempts to drink from firehose}
How about this:
rsync -avz --old-d rsync://jhardin@rsync.spamassassin.org/corpus/*am-bb-*.log .
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Gun Control laws cannot reduce violent crime, because gun control
laws assume a violent criminal will obey the law.
-----------------------------------------------------------------------
Approximately 9099720 firearms legally purchased in the U.S. this year
Re: Update of ADVANCE_FEE
Posted by Mark Martinec <Ma...@ijs.si>.
On Saturday October 3 2009 01:55:28 John Hardin wrote:
> In support of this: Is there an easy way to grab all the log files from a
> given nightly masscheck run?
That should do I suppose:
rsync -av --old-d rsync://jhardin@rsync.spamassassin.org/corpus/ wherever/
Mark
Re: Update of ADVANCE_FEE
Posted by Henrik Krohns <he...@hege.li>.
On Fri, Oct 02, 2009 at 04:55:28PM -0700, John Hardin wrote:
> All:
>
> As some of you may have noticed, I've been playing around with
> lots-of-money and various lottery and fraud rules in my sandbox, and been
> getting passably good results.
>
> I noticed that several other sandboxes have similar rules - and I've been
> shamelessly snitching bits of others' lots-of-money-style rules to
> improve my own.
Feel free to grab. :-) I've never time to do anything, would be happy to
ditch my rules..