At 09:03 AM 8/29/98 +0300, Liviu Daia wrote:
On 28 August 1998, Stan Ryckman <stanr(_at_)sunspot(_dot_)tiac(_dot_)net>
wrote:
At 07:45 AM 8/28/98 -0700, John D. Hardin wrote:
A suggestion:
If you're going to send a spam-filter snippet to the list, try to
avoid attaching it as plain text. Certain key strings (such as the
"*ull's *ye *old" in the recent example) may trigger filters.
Huh? Just white-list this (and any other subscribed) mailing list
before filtering on subject or content. That's easy and I believe
has been suggested numerous times as a necessity for any reasonable
content-based spam detector.
[...]
You must be joking, this list is the only one through which I still
receive spam.
Sorry, I do not see the purported joke. While the issue of whether this
list should require subscription to post has been beaten to death (actually,
I think requiring non-subscribers to confirm the post with an OK would
do it since most spam is unreplyable), how much of the spam that made it
onto this list had the list address in the To: or Cc: header?
I don't bother doing this myself, so this is untested, but if you insist:
COLOR
:0
*
^Resent-Sender:(_dot_)*procmail(_at_)informatik\(_dot_)rwth-aachen\(_dot_)de
* ^(To|Cc):.*procmail
{ COLOR = "white" }
#you might even just set COLOR=black when it does match
#Resent-Sender: but not To: or Cc:
#since the only Bcc's that appear on the procmail list seem
#to be those intended to prove it does work. But for this
#example I'm just treating those as "unknown".
:0E
* conditions which match Liviu's never-spammed lists
{ COLOR = "white" }
...
:0
* ! COLOR ?? .
* header conditions identifying sure spam
{ COLOR = "black" }
...
:0
* ! COLOR ?? .
now put the body or Subject: filtering here
...
Then do what you want with white-listed and black-listed mail.
It's much more reasonable to have people be expected to put the
listname in To: or Cc: if they expect everyone to see it, than it is
to try and convenience both senders and receivers to try and avoid
some specific person's content-based spam filters when he has
an easy workaround such as the above.
Cheers,
Stan