You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Adam Katz <an...@khopis.com> on 2009/10/04 01:50:13 UTC
Re: [SA] .cn Oddity
Warren Togami wrote:
>>> The "Oddity" I was pointing out at the beginning of the thread is not
>>> prevalence of .cn URI's, but rather most of them appear to be exactly 8
>>> characters long. Could someone please commit my T_CN_8_URL rule to the
>>> sandbox so we can see if that trend holds beyond my own corpa?
>>
>> (And yes I'm fully aware even this narrowed rule is prejudiced and
>> unsafe. This is is partly out of curiosity, and also wondering if it
>> could be made useful if meta booleaned with something else.)
jdow then mused:
> I just had a thought, Warren. Look up Chinese numerology. 8 signifies
> wealth or sudden prosperity. Conversely, I suspect few Chinese names
> are four characters. Four is a pun on death. Some social sites might
> like 5 letters - me. 7 is right out, it's a vulgar word in Cantonese.
> 9 is also slang or vulgar in Cantonese.
>
> I wonder how many companies that deal with China have figured out that
> an "888" toll free number is WONDERFUL, "Wealth, wealth, wealth."
>
> I understand numerology is quite important to the Chinese. (Of course,
> I am not claiming to be an expert. The above is mostly Wikipoodle and
> surmise.)
8 is *extremely* important in Chinese culture. When running these
tests, make sure that there is a good quantity of .cn TLD URIs in the
ham before drawing any conclusions.
Re: .cn Oddity
Posted by John Hardin <jh...@impsec.org>.
On Sun, 4 Oct 2009, Karsten Br�ckelmann wrote:
> On Sun, 2009-10-04 at 09:59 -0400, Warren Togami wrote:
>> On 10/04/2009 12:21 AM, John Hardin wrote:
>
>>>> Right, in adding things to the sandbox it does not necessarily mean I
>>>> suggest they should become rules. I am mainly curious to see what the
>>>> results say.
>>>
>>> Warning: autopromotion
>>
>> Is there a way to prevent autopromotion for a particular rule?
>
> Yep, using tflags nopublish,
Done. Will be committed momentarily.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Warning Labels we'd like to see #1: "If you are a stupid idiot while
using this product you may hurt yourself. And it won't be our fault."
-----------------------------------------------------------------------
Approximately 9152160 firearms legally purchased in the U.S. this year
Re: .cn Oddity
Posted by Karsten Bräckelmann <gu...@rudersport.de>.
On Sun, 2009-10-04 at 09:59 -0400, Warren Togami wrote:
> On 10/04/2009 12:21 AM, John Hardin wrote:
> > > Right, in adding things to the sandbox it does not necessarily mean I
> > > suggest they should become rules. I am mainly curious to see what the
> > > results say.
> >
> > Warning: autopromotion
>
> Is there a way to prevent autopromotion for a particular rule?
Yep, using tflags nopublish, or explicitly naming the rule with a T_
prefix. Also see bug 5545 [1].
[1] https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5545
--
char *t="\10pse\0r\0dtu\0.@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
Re: [SA] .cn Oddity
Posted by Warren Togami <wt...@redhat.com>.
On 10/04/2009 12:21 AM, John Hardin wrote:
> On Sat, 3 Oct 2009, Warren Togami wrote:
>
>> On 10/03/2009 07:50 PM, Adam Katz wrote:
>>>
>>> 8 is *extremely* important in Chinese culture. When running these
>>> tests, make sure that there is a good quantity of .cn TLD URIs in the
>>> ham before drawing any conclusions.
>>
>> Right, in adding things to the sandbox it does not necessarily mean I
>> suggest they should become rules. I am mainly curious to see what the
>> results say.
>
> Warning: autopromotion
>
Is there a way to prevent autopromotion for a particular rule?
Warren
Re: [SA] .cn Oddity
Posted by John Hardin <jh...@impsec.org>.
On Sat, 3 Oct 2009, Warren Togami wrote:
> On 10/03/2009 07:50 PM, Adam Katz wrote:
>>
>> 8 is *extremely* important in Chinese culture. When running these
>> tests, make sure that there is a good quantity of .cn TLD URIs in the
>> ham before drawing any conclusions.
>
> Right, in adding things to the sandbox it does not necessarily mean I suggest
> they should become rules. I am mainly curious to see what the results say.
Warning: autopromotion
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Vista "security improvements" consist of attempting to shift blame
onto the user when things go wrong.
-----------------------------------------------------------------------
Approximately 9134220 firearms legally purchased in the U.S. this year
Re: [SA] .cn Oddity
Posted by Warren Togami <wt...@redhat.com>.
On 10/03/2009 07:50 PM, Adam Katz wrote:
>
> 8 is *extremely* important in Chinese culture. When running these
> tests, make sure that there is a good quantity of .cn TLD URIs in the
> ham before drawing any conclusions.
Right, in adding things to the sandbox it does not necessarily mean I
suggest they should become rules. I am mainly curious to see what the
results say.
Warren