procmail

Re: Spam filter anomaly

2005-08-31 13:14:38
On Wed, Aug 31, 2005 at 03:04:30PM -0400, Louis Proyect wrote:

The other day I asked about scoring. That was a last-ditch effort
on my part to filter out some spam that seems resistant to normal
procmail recipes. I have put together some documentation at:

http://www.columbia.edu/~lnp3/PennyStocks.htm

It consists of:

1. My .procmailrc script.

2. The recipes that are meant to catch anything with "st0ck" or
"St0ck", a dead giveaway for Penny Stock newsletters that 9 out
of 10 times are hyping non-existent companies!

3. A sample spam that was not caught by the filter.

4. The procmail output generated for the spam with verbose
on. You'll note that it didn't find a match on "st0ck" when it is
clearly evident.

5. What is truly bizarre is the procmail output I get when I
simply forward the same message to myself. When I do this, it is
caught by the filter. I can't understand how this is possible.

Louis, I don't even need to go to your web site to know exactly
what is going on.  The mail you couldn't catch is base64-encoded.
Your mail reader decodes it.  When you use your mail reader
to send the message, it turns the message into text, and
your filter works.

I happened to discuss this very same issue in some detail in
your and my shell provider's local (non-public) newsgroup,
panix.questions, yesterday.  Included in that discussion was
some detailed analysis.

Since you're on panix, and these discussions have been
frequent and fruitful on panix, I suggest you look in on
those recent threads.  I will email you the Message-ID
for the particular post I am referring to that I wrote
yesterday.

The rest of you: well, panix is a pre-eminent shell provider.
If you're looking for same, come on over.  The water's fine.
Then you can read the panix.questions posts too.  ;-p
(Oh, and tell 'em I sent ya.)

Dallman

____________________________________________________________
procmail mailing list   Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail
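
The behaviour described in the reply above, as an added example that is not part of the original post: a body pattern like the thread's "st0ck" cannot match the raw base64 body, but matches once the MIME part is decoded, which is also why the forwarded plain-text copy is caught. The sample messages and addresses are constructed, and Python's standard email module stands in here for the decoding a mail reader performs.

```python
import base64
import re
from email import message_from_string

# The pattern from the thread: "st0ck" or "St0ck".
PATTERN = re.compile(r"[Ss]t0ck")

def build_sample(encode):
    """Constructed sample message; the body is base64-encoded when encode is True."""
    body = "Hot St0ck alert: buy now!\n"
    if encode:
        cte = "base64"
        body = base64.encodebytes(body.encode("ascii")).decode("ascii")
    else:
        cte = "7bit"
    return (
        "From: sender@example.com\n"
        "To: user@example.com\n"
        "Subject: Newsletter\n"
        "MIME-Version: 1.0\n"
        "Content-Type: text/plain; charset=us-ascii\n"
        "Content-Transfer-Encoding: " + cte + "\n"
        "\n" + body
    )

def raw_match(raw):
    """What a regex applied to the undecoded message text sees."""
    return PATTERN.search(raw) is not None

def decoded_match(raw):
    """Decode every text part (base64 or quoted-printable) before matching."""
    msg = message_from_string(raw)
    for part in msg.walk():
        if part.get_content_maintype() != "text":
            continue  # skips multipart containers and attachments
        payload = part.get_payload(decode=True)
        if payload is None:
            continue
        charset = part.get_content_charset() or "latin-1"
        try:
            text = payload.decode(charset, errors="replace")
        except LookupError:  # unknown charset label in the message
            text = payload.decode("latin-1")
        if PATTERN.search(text):
            return True
    return False
```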
