> From: Jo Rhett [mailto:jrhett@netconsonance.com]
>> I need to completely disable this over-opportunistic behavior. 90%
>> of my e-mails have either system output, or are concerning code
>> segments or router interfaces, etc, etc. I need these mails to get
>> through.
>>
>> At the very least, common collisions like script.pl need to be
>> disabled.


On Jul 2, 2007, at 1:13 PM, Rosenbaum, Larry M. wrote:
> uridnsbl_skip_domain script.pl


Perhaps some people can think of every possible script, filename,
router command, etc that might ever be mailed to them but I'm not one
of them. So manually listing each one in my SA config isn't an option.

I don't want bare words to be checked against a URI blacklist, it
can't be that useful.

And checking the filename at the end of a system path (which is what
this did) would *never* match against any spam. I just ran a test
against several million known spam and got zero hits.

This might be valid spam URL: www.spammy.com/a/valid/url
This will never be a spam URL: /a/valid/url/spammy.com

The FP from this message tested the latter case.

--
Jo Rhett
Net Consonance : consonant endings by net philanthropy, open source
and other randomness