Re: Souper95 score/kill file question.

From: walt moffett (walt@scott.net)
Date: Sun, 19 Jan 1997 19:11:36 -0600

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Next message: Richard Steiner: "Re: Announcements and so forth"
Previous message: B. Vermo: "Re: Tim, äh Tom, äh Tym, Tum, Tam, Tem (in Germany also possible: Täm Töm Tüm...)"
In reply to: Debra Walker: "Souper95 score/kill file question."

In article <Kgp4yUNOfeKW092yn@wwa.com>, debraw@wwa.com (Debra Walker) wrote:
>Hello to all.
>
>I would like to update my Souper95 score/kill file, so that I can weed
>out news articles from certain domains, or netblocks (?), based on the
>NNTP-Posting-Host and Received headers. I am not sure about the
>correct syntax to use, so I am seeking assistance. Here are two
>examples of lines in my score file that I have considered, so far:
>
> -1 pattern header ^NNTP-Posting-Host: .*badsite.net (where
> badsite.net is a domain)
>

would work but simpler would be something like:
all {
-9 nntp-posting-host: scott.net
}

Would zap anything posted from here.

Also consider the path, message-id, organization and from line.

While path is frequentily forged, sometimes there is useful information as
is the from line (bye mailloop) and organization (bye copycat).

> -1 pattern header ^Received: .*123.4.567* (where 123.4.567* is a netblock)

This would be more useful in a yarn mail filter or procmail filter.
however use the first three digits, as in

all {
header 204.181.147
}

Which again would zap anything posted from here thru the open port at
uu.net (which appends the IP number of the site that feeds the article in
the path line. By using header, you can also check the nntp-posting-host
line etc.

Next message: Richard Steiner: "Re: Announcements and so forth"
Previous message: B. Vermo: "Re: Tim, äh Tom, äh Tym, Tum, Tam, Tem (in Germany also possible: Täm Töm Tüm...)"
In reply to: Debra Walker: "Souper95 score/kill file question."