Re: [mod-security-users] Wrong post trigger
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Wrong post trigger
|
From: Justin G. <web...@sw...> - 2005-12-16 08:34:06
|
Gerwin,
Unless this is a dedicated server in which you have absolute control on the scripts, I find
these techniques more hurting than adding something...
We are using shared servers here and anything we tried gave false positives.
We are hitting the issue from a different pov - installing spam-assassin on the gateway and
quarantining the suspected spam messages for later review. If we find false positives, we instruct
the client on how to fix it (mainly modify the email text).
Adding spamhaus/spamcop with a big score in spam-assassin does the trick, many spammers are blacklisted
or use zombies to send spam which are also getting listed fast in the bls.
happy spam fighting,
Justin
Gerwin Krist -|- Digitalus Webhosting wrote:
> Hey there my fellow list readers. I was testing some new rules (mostly for php
> email injection rules), for this it was required to have ScanPOST on.
>
> I have the following rule:
> SecFilterSelective ARGS_VALUES "(http:/).+(\.txt|\.jpg|\.dat|\.gif|\.jpeg
> \.ini|\:[0-9]{1,9})"
> Which should check for remote locations in server arguments (GET) only right?
> Well mod_security also triggers it when I put a remote location in an email
> form. Am I making a thinking error here? Maybe I looked to long to this
> issue :)
>
|
