Mailing List Archive: [Bug 3390] New: Rule based on Kelson Vibber's MD code for bogus AOL Addresses

[Bug 3390] New: Rule based on Kelson Vibber's MD code for bogus AOL Addresses

May 13, 2004, 8:59 PM

Post #1 of 3 (50 views)

http://bugzilla.spamassassin.org/show_bug.cgi?id=3390

Summary: Rule based on Kelson Vibber's MD code for bogus AOL
Addresses
Product: Spamassassin
Version: unspecified
Platform: Other
OS/Version: other
Status: NEW
Severity: normal
Priority: P5
Component: Rules
AssignedTo: spamassassin-dev@incubator.apache.org
ReportedBy: kmcgrail@peregrinehw.com

# Rule based on Kelson Vibber's MD code for bogus AOL Addresses
# Check for bogus AOL addresses as described at
# http://postmaster.aol.com/faq/mailerfaq.html#syntax
# - all alphanumeric, starting with a letter, from 3 to 16 characters long.
header __KAM_AOL From =~ /\@aol.com/i
describe __KAM_AOL Partial Rule: Marks AOL Addresses
header __KAM_GOODAOL From =~ /[a-z][a-z0-9]{2,15}\@aol.com/i
describe __KAM_GOODAOL Partial Rule: Marks Bad AOL Addresses
meta KAM_COMBO_BADAOL __KAM_AOL && !(__KAM_GOODAOL)
describe KAM_COMBO_BADAOL From: Invalid AOL Email Address. High
probability of spam.
score KAM_COMBO_BADAOL 3.0

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

Re: [Bug 3390] New: Rule based on Kelson Vibber's MD code for bogus AOL Addresses [ In reply to ]

Robert at Menschel

May 15, 2004, 7:30 PM

Post #2 of 3 (50 views)

Permalink

Hello bugzilla-daemon,

Thursday, May 13, 2004, 8:59:36 PM, Bugzilla transmitted:

k> http://bugzilla.spamassassin.org/show_bug.cgi?id=3390
k> Summary: Rule based on Kelson Vibber's MD code for bogus AOL
k> ReportedBy: kmcgrail@peregrinehw.com

k> # Rule based on Kelson Vibber's MD code for bogus AOL Addresses
k> # Check for bogus AOL addresses as described at
k> # http://postmaster.aol.com/faq/mailerfaq.html#syntax
k> # - all alphanumeric, starting with a letter, from 3 to 16 characters long.

Looks decent here, but not a big hitter.
OVERALL SPAM HAM S/O SCORE NAME
98444 76837 21607 0.781 0.00 0.00 (all messages)
38 38 0 1.000 0.00 3.00 KAM_COMBO_BADAOL

OVERALL% SPAM% HAM% S/O RANK SCORE NAME
98444 76837 21607 0.781 0.00 0.00 (all messages)
100.000 78.0515 21.9485 0.781 0.00 0.00 (all messages as %)
0.039 0.0495 0.0000 1.000 0.00 3.00 KAM_COMBO_BADAOL

BTW, I'm working on the HTML coding rule set for SARE, and one of the
rules we're testing/rescoring is
uri SARE_HTML_URI_BUG /(\%0[01]|\0).*\@/i
describe SARE_HTML_URI_BUG Attempted use of URI bug.
score SARE_HTML_URI_BUG 1.000 # type=spamg
#stype SARE_HTML_URI_BUG spamg
#counts SARE_HTML_URI_BUG 9s/0h of 98542 corpus (76935s/21607h) 05/12/04
#hist SARE_HTML_URI_BUG KAM_URIPARSE

This one was yours, yes?

Bob Menschel

Re: [Bug 3390] New: Rule based on Kelson Vibber's MD code for bogus AOL Addresses [ In reply to ]

kmcgrail at pccc

May 15, 2004, 8:05 PM

Post #3 of 3 (50 views)

Permalink

Hello,

I don't think the AOL rule is important from the big hitter standpoint but
from the 100% no false positive standpoint.

And yes, the URI rule was mine as well.

Regards,
KAM
----- Original Message -----
From: "Robert Menschel" <Robert@Menschel.net>
To: <kmcgrail@peregrinehw.com>
Cc: <spamassassin-dev@incubator.apache.org>
Sent: Saturday, May 15, 2004 10:30 PM
Subject: Re: [Bug 3390] New: Rule based on Kelson Vibber's MD code for bogus
AOL Addresses

> Hello bugzilla-daemon,
>
> Thursday, May 13, 2004, 8:59:36 PM, Bugzilla transmitted:
>
> k> http://bugzilla.spamassassin.org/show_bug.cgi?id=3390
> k> Summary: Rule based on Kelson Vibber's MD code for bogus AOL
> k> ReportedBy: kmcgrail@peregrinehw.com
>
> k> # Rule based on Kelson Vibber's MD code for bogus AOL Addresses
> k> # Check for bogus AOL addresses as described at
> k> # http://postmaster.aol.com/faq/mailerfaq.html#syntax
> k> # - all alphanumeric, starting with a letter, from 3 to 16 characters
long.
>
> Looks decent here, but not a big hitter.
> OVERALL SPAM HAM S/O SCORE NAME
> 98444 76837 21607 0.781 0.00 0.00 (all messages)
> 38 38 0 1.000 0.00 3.00 KAM_COMBO_BADAOL
>
> OVERALL% SPAM% HAM% S/O RANK SCORE NAME
> 98444 76837 21607 0.781 0.00 0.00 (all messages)
> 100.000 78.0515 21.9485 0.781 0.00 0.00 (all messages as %)
> 0.039 0.0495 0.0000 1.000 0.00 3.00 KAM_COMBO_BADAOL
>
> BTW, I'm working on the HTML coding rule set for SARE, and one of the
> rules we're testing/rescoring is
> uri SARE_HTML_URI_BUG /(\%0[01]|\0).*\@/i
> describe SARE_HTML_URI_BUG Attempted use of URI bug.
> score SARE_HTML_URI_BUG 1.000 # type=spamg
> #stype SARE_HTML_URI_BUG spamg
> #counts SARE_HTML_URI_BUG 9s/0h of 98542 corpus (76935s/21607h)
05/12/04
> #hist SARE_HTML_URI_BUG KAM_URIPARSE
>
> This one was yours, yes?
>
> Bob Menschel
>
>
>