Mailing List Archive

Updated: 90_axb_fraud.cf
I've run a small update of 90_axb_fraud.cf

https://sourceforge.net/projects/sare/

As nobody except John Hardin has shown up to contribute data, this is
the last update I'll release as it requires massive fresh data to make
the work worthwhile.

enjoy...

--
Do not use SARE rules - use sa-update
Re: Updated: 90 axb fraud.cf [ In reply to ]
Den 2012-03-15 12:34, Axb skrev:
> I've run a small update of 90_axb_fraud.cf

thanks, where is rule generating described ?

> https://sourceforge.net/projects/sare/

sa-update how ?

> As nobody except John Hardin has shown up to contribute data, this is
> the last update I'll release as it requires massive fresh data to
> make
> the work worthwhile.

depends on how much phish slip through zen.spamhaus.org and Stans ptr
reverse client list
in postfix

ips without reverse ptr is most spammy here

> enjoy...

will try :-)
Re: Updated: 90_axb_fraud.cf [ In reply to ]
On 3/15/12 7:34 AM, Axb wrote:
> I've run a small update of 90_axb_fraud.cf
>
> https://sourceforge.net/projects/sare/
>
> As nobody except John Hardin has shown up to contribute data, this is
> the last update I'll release as it requires massive fresh data to make
> the work worthwhile.
>
I didn't know anything about 9_axb_fraud.cf

what kind of data do you need?

> enjoy...
>


--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
>*| *SECNAP Network Security Corporation

* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best Email Security Product
* Certified SNORT Integrator

______________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.spammertrap.com/
______________________________________________________________________
Re: Updated: 90_axb_fraud.cf [ In reply to ]
On 03/15/2012 03:28 PM, Benny Pedersen wrote:
> Den 2012-03-15 12:34, Axb skrev:
>> I've run a small update of 90_axb_fraud.cf
>
> thanks, where is rule generating described ?

what description do you want for a bunch of rules and 3 metas?

>
>> https://sourceforge.net/projects/sare/
>
> sa-update how ?

as there is no sa-update channel for this and I will never make one you
are welcome to run it for the community ;-)
Re: Updated: 90_axb_fraud.cf [ In reply to ]
On 3/15/12 10:28 AM, Benny Pedersen wrote:
>
> sa-update how ?
click download.
copy it to your spamassassin (local) rules dir
bsd: /usr/local/etc/mail/spamassassin
others (might be) /etc/mail/spamassassin.

its where your local.cf lives

if you use sa-compile, compile now.
if you use spamd, restart spamd, amavisd new, reload amavisd.



--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
>*| *SECNAP Network Security Corporation

* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best Email Security Product
* Certified SNORT Integrator

______________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.spammertrap.com/
______________________________________________________________________
Re: Updated: 90 axb fraud.cf [ In reply to ]
Den 2012-03-15 15:33, Axb skrev:

> what description do you want for a bunch of rules and 3 metas?

i like to commit my own sought rules generation, or atleast learn howto

> as there is no sa-update channel for this and I will never make one
> you are welcome to run it for the community ;-)

why not make clamav phish signatures ?

what about phishtank samples ?, hope thay doing there homework :-)
Re: Updated: 90_axb_fraud.cf [ In reply to ]
On 03/15/2012 04:08 PM, Benny Pedersen wrote:
> Den 2012-03-15 15:33, Axb skrev:
>
>> what description do you want for a bunch of rules and 3 metas?
>
> i like to commit my own sought rules generation, or atleast learn howto
>
>> as there is no sa-update channel for this and I will never make one
>> you are welcome to run it for the community ;-)
>
> why not make clamav phish signatures ?

you're welcome to do it yourself.

> what about phishtank samples ?, hope thay doing there homework :-)

more Benny blah...