Friend Greetings expanding
Damian Mendoza
damian at WORKGROUPSOLUTIONS.COM
Fri Nov 22 16:54:13 GMT 2002
What does your regexp expression look like?
Thanks,
Damian
-----Original Message-----
From: Remco Barendse [mailto:mailscanner at BARENDSE.TO]
Sent: Friday, November 22, 2002 8:49 AM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Re: Friend Greetings expanding
wouldn't it be better to create a regexp that combines
`e-card' of 'card' with any of the following 'laugh' and 'friend' and
'greeting'?
Judging by the 'success' of their work method (every not all too clever
user will install their crap) I think we will see loads of new domain
names fairly soon.
I found the same list on the mcafee site, and blocked all those sites in
my web proxy as well combined with a regexp as described above.
On Fri, 22 Nov 2002, Denis Beauchemin wrote:
> Hello,
>
> The following domain names have all been registered by the nice company
> that brought the Friend Greeting to us:
>
> cool-downloads.net
> friend-card.com
> friend-card.net
> friend-cards.com
> friend-cards.net
> friendgreeting.com
> friendgreeting.net
> friend-greetings.com
> friendgreetings.com
> friend-greetings.net
> friendgreetings.net
> laugh-mail.com
>
>
> I suggest we all add them to some high scoring SpamAssassin rules such
> as:
>
> describe FRIEND_GREETINGS Nasty E-card from FriendGreetings.com
> full FRIEND_GREETINGS /www\.friend-?greetings?\.com\./i
> score FRIEND_GREETINGS 100.0
>
> using the following regex:
> /http:\/\/.*cool-downloads\.net/i
> /http:\/\/.*friend-cards?\.(com|net|/i
> /http:\/\/.*friend-?greetings?\.(com|net)/i
> /http:\/\/.*laugh-mail\.com/i
>
> Denis
>
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the MailScanner
mailing list