Re: [Fwd: Preliminary investigation were started]

To: debian-user@lists.debian.org
Subject: Re: [Fwd: Preliminary investigation were started]
From: Wayne Topa <brittman@capital.net>
Date: Sat, 17 Jan 2004 16:16:01 -0500
Message-id: <[🔎] 20040117211601.GB3396@dmcom.net>
Mail-followup-to: debian-user@lists.debian.org
Reply-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 4009A446.8010909@techhouse.org>
References: <[🔎] 4005B785.2050401@bumpycarrot.cjb.net> <[🔎] slrnc0bemu.mk5.spam@home.bounceswoosh.org> <[🔎] 20040116222333.GA6868@dmcom.net> <[🔎] 200401171050.09256.richard@the-place.net> <[🔎] 20040117171526.GA3396@dmcom.net> <[🔎] 4009A446.8010909@techhouse.org>

Travis Crump(pretzalz@techhouse.org) is reported to have said:
> Wayne Topa wrote:
> >Richard Lyons(richard@the-place.net) is reported to have said:
> >
> >>On Friday 16 January 2004 22:23, Wayne Topa wrote:
> >>[...]
> >>
> >>>I have a mailfilter rule that deletes mail without an
> >>>originating Message-ID: and it has not had a false positive in over 3
> >>>months now.
> >>
> >>[...]
> >>Would you care to share with those like me who can't immediately see how 
> >>to do it how exactly is that filter set up?
> >>
> >
> >^Message-Id:.*smtp[0-9]\.your\.isp
> >
> >It is easy if you can find a spam message with your ISP in the
> >Message-Id: header.  ie
> >egrep "^Message-Id:.*\.your\.isp" logs/mailfilterlog
> >
> >Note that my ISP, capital.net, is NOT what I found in the Message-ID.
> >It was their smtp server address and it varied, so I had to write the
> >rule accordingly.
> >
> >:-) HTH, YMMV, HAND :-)
> >Wayne
> >
> 
> That rule would match roughly one third of my legitimate non-list 
> mail...[and only one fifth of my spam by comparison]

SCORE=100
SCORE -100 =^Message-Id:.*smtp[0-9]\.your\.isp 

Is how I use it, and as I said, "no false positives in over 3 months"

I also said

HTH=Hope This Helps, YMMV=Your Mileage May Vary, HAND=Have A Nice Day

Wayne

-- 
Real programmers don't draw flowcharts.  Flowcharts are, after all, the
illiterate's form of documentation.  Cavemen drew flowcharts; look how
much good it did them.
_______________________________________________________

Reply to:

Follow-Ups:
- Re: [Fwd: Preliminary investigation were started]
  - From: Wayne Topa <brittman@capital.net>

References:
- [Fwd: Preliminary investigation were started]
  - From: Joseph Jones <joe@bumpycarrot.cjb.net>
- Re: [Fwd: Preliminary investigation were started]
  - From: "Monique Y. Herman" <spam@bounceswoosh.org>
- Re: [Fwd: Preliminary investigation were started]
  - From: Wayne Topa <brittman@capital.net>
- Re: [Fwd: Preliminary investigation were started]
  - From: Richard Lyons <richard@the-place.net>
- Re: [Fwd: Preliminary investigation were started]
  - From: Wayne Topa <brittman@capital.net>
- Re: [Fwd: Preliminary investigation were started]
  - From: Travis Crump <pretzalz@techhouse.org>

Prev by Date: Re: Sony PCI Memory Stick Reader
Next by Date: Re: unable to connect with gaim to yahoo messenger
Previous by thread: Re: [Fwd: Preliminary investigation were started]
Next by thread: Re: [Fwd: Preliminary investigation were started]
Index(es):
- Date
- Thread