Gecko [ www.finalhopeacademy.com ]

Name	Size	Permission
10_default_prefs.cf	8.48 KB	-rw-r--r--
10_hasbase.cf	2.37 KB	-rw-r--r--
20_advance_fee.cf	7.43 KB	-rw-r--r--
20_aux_tlds.cf	8.8 KB	-rw-r--r--
20_body_tests.cf	6.84 KB	-rw-r--r--
20_compensate.cf	1.85 KB	-rw-r--r--
20_dnsbl_tests.cf	9.5 KB	-rw-r--r--
20_drugs.cf	14.7 KB	-rw-r--r--
20_dynrdns.cf	11.22 KB	-rw-r--r--
20_fake_helo_tests.cf	8.31 KB	-rw-r--r--
20_freemail.cf	2.94 KB	-rw-r--r--
20_freemail_domains.cf	41.82 KB	-rw-r--r--
20_head_tests.cf	25.74 KB	-rw-r--r--
20_html_tests.cf	10.27 KB	-rw-r--r--
20_imageinfo.cf	5.16 KB	-rw-r--r--
20_mailspike.cf	2.6 KB	-rw-r--r--
20_meta_tests.cf	3.25 KB	-rw-r--r--
20_net_tests.cf	1.83 KB	-rw-r--r--
20_phrases.cf	7.98 KB	-rw-r--r--
20_porn.cf	2.01 KB	-rw-r--r--
20_ratware.cf	15.59 KB	-rw-r--r--
20_uri_tests.cf	5.54 KB	-rw-r--r--
20_vbounce.cf	18.82 KB	-rw-r--r--
23_bayes.cf	2.49 KB	-rw-r--r--
25_accessdb.cf	1.51 KB	-rw-r--r--
25_antivirus.cf	1.5 KB	-rw-r--r--
25_asn.cf	1.51 KB	-rw-r--r--
25_dcc.cf	2.27 KB	-rw-r--r--
25_dkim.cf	4.3 KB	-rw-r--r--
25_hashcash.cf	2.86 KB	-rw-r--r--
25_pyzor.cf	1.28 KB	-rw-r--r--
25_razor2.cf	3.31 KB	-rw-r--r--
25_replace.cf	7.57 KB	-rw-r--r--
25_spf.cf	3.35 KB	-rw-r--r--
25_textcat.cf	1.73 KB	-rw-r--r--
25_uribl.cf	10.14 KB	-rw-r--r--
30_text_de.cf	27.12 KB	-rw-r--r--
30_text_fr.cf	19.89 KB	-rw-r--r--
30_text_it.cf	1.81 KB	-rw-r--r--
30_text_nl.cf	20.94 KB	-rw-r--r--
30_text_pl.cf	17.34 KB	-rw-r--r--
30_text_pt_br.cf	44.46 KB	-rw-r--r--
50_scores.cf	36.92 KB	-rw-r--r--
60_adsp_override_dkim.cf	9.02 KB	-rw-r--r--
60_awl.cf	1.27 KB	-rw-r--r--
60_shortcircuit.cf	2.13 KB	-rw-r--r--
60_whitelist.cf	4.87 KB	-rw-r--r--
60_whitelist_dkim.cf	6.05 KB	-rw-r--r--
60_whitelist_spf.cf	3.5 KB	-rw-r--r--
60_whitelist_subject.cf	1.87 KB	-rw-r--r--
72_active.cf	199.42 KB	-rw-r--r--
72_scores.cf	9.65 KB	-rw-r--r--
73_sandbox_manual_scores.cf	2.61 KB	-rw-r--r--
STATISTICS-set0-72_scores.cf.t...	1.46 KB	-rw-r--r--
STATISTICS-set1-72_scores.cf.t...	1.46 KB	-rw-r--r--
STATISTICS-set2-72_scores.cf.t...	0 B	-rw-r--r--
STATISTICS-set3-72_scores.cf.t...	0 B	-rw-r--r--
languages	99.1 KB	-rw-r--r--
local.cf	2.16 KB	-rw-r--r--
regression_tests.cf	2.71 KB	-rw-r--r--
sa-update-pubkey.txt	4.67 KB	-rw-r--r--
sa-update.cron	3.07 KB	-rwxr--r--
user_prefs.template	1.83 KB	-rw-r--r--

Code Editor : 20_imageinfo.cf

# SpamAssassin rules file: Image information tests
#
# Please don't modify this file as your changes will be overwritten with
# the next update. Use @@LOCAL_RULES_DIR@@/local.cf instead.
# See 'perldoc Mail::SpamAssassin::Conf' for details.
#
# <@LICENSE>
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements.  See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to you under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License.  You may obtain a copy of the License at:
# 
#     http://www.apache.org/licenses/LICENSE-2.0
# 
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# </@LICENSE>
#
###########################################################################

ifplugin Mail::SpamAssassin::Plugin::ImageInfo

## # you can match by image name
## body		DC_IMAGE001_GIF		eval:image_named('image001.gif')
## describe	DC_IMAGE001_GIF		Contains image named image001.gif

## # you can do exact image size matches 
## body	 	DC_GIF_264_127  	eval:image_size_exact('gif','264','127')
## describe 	DC_GIF_264_127  	Found 264x127 pixel gif, possible pillz

# you can do image to text, or image to html ratios 
rawbody		__DC_IMG_HTML_RATIO	eval:image_to_text_ratio('all', '0.000', '0.015')
describe	__DC_IMG_HTML_RATIO	Low rawbody to pixel area ratio

body		__DC_IMG_TEXT_RATIO	eval:image_to_text_ratio('all', '0.000', '0.008')
describe	__DC_IMG_TEXT_RATIO	Low body to pixel area ratio

# body		DC_GIF_TEXT_RATIO	eval:image_to_text_ratio('gif',0.000, 0.008)
# describe	DC_GIF_TEXT_RATIO	Low body to GIF pixel area ratio

# rawbody	DC_GIF_HTML_RATIO	eval:image_to_text_ratio('gif',0.000, 0.008)
# describe	DC_GIF_HTML_RATIO	Low rawbody to GIF pixel area ratio

# using exact size match to identify things like screenshots
# body	 	__SCREEN_640x480  	eval:image_size_exact('all',800,600)
# body	 	__SCREEN_800x600 	eval:image_size_exact('all',800,600)
# body	 	__SCREEN_1024x768 	eval:image_size_exact('all',1024,768)
# body	 	__SCREEN_1280x1024  	eval:image_size_exact('all',1280,1024)
# meta		DC_SCREENSHOT_JPG	( __SCREEN_640x480 || __SCREEN_800x600 || __SCREEN_1024x768 || __SCREEN_1280x1024 )
# describe	DC_SCREENSHOT_JPG	Contains inline image matching common screen resolution
# score		DC_SCREENSHOT_JPG	-0.01

# you can do minimum demension matches
# body	 	DC_GIF_300		eval:image_size_range('gif',300,300)
# describe	DC_GIF_300		Contains a 300x300 pixels gif or larger
# score		DC_GIF_300		0.01

# you can do ranged demension matches
# body	 	DC_JPEG_200_300		eval:image_size_range('gif', 200, 300, 250, 350)
# describe	DC_JPEG_200_300		Contains jpeg 200-250 (high) x 300-350 (wide)
# score		DC_JPEG_200_300 	0.01

# you can count the number of images (all or by image type)
body	 	__GIF_ATTACH_1		eval:image_count('gif','1','1')
body  		__GIF_ATTACH_2P		eval:image_count('gif','2')

body		__PNG_ATTACH_1		eval:image_count('png','1','1')
body  	 	__PNG_ATTACH_2P		eval:image_count('png','2')

body		__JPEG_ATTACH_1		eval:image_count('jpeg',1,1)
body		__JPEG_ATTACH_2P	eval:image_count('jpeg',2)

# you can determine pixel coverage (all or by image type)
body		__GIF_AREA_180K		eval:pixel_coverage('gif','180000','475000')
body		__PNG_AREA_180K		eval:pixel_coverage('png','180000','475000')
# body		__JPEG_AREA_180K	eval:pixel_coverage('jpeg',180000,475000)

# meta together something useful
meta	 	DC_GIF_UNO_LARGO	( __GIF_ATTACH_1 && __GIF_AREA_180K )
describe 	DC_GIF_UNO_LARGO  	Message contains a single large inline gif

meta		__DC_GIF_MULTI_LARGO 	( __GIF_ATTACH_2P && __GIF_AREA_180K )
describe	__DC_GIF_MULTI_LARGO  	Message has 2+ inline gif covering lots of area

meta	 	DC_PNG_UNO_LARGO	( __PNG_ATTACH_1 && __PNG_AREA_180K )
describe 	DC_PNG_UNO_LARGO	Message contains a single large inline gif

meta	 	__DC_PNG_MULTI_LARGO 	( __PNG_ATTACH_2P && __PNG_AREA_180K )
describe	__DC_PNG_MULTI_LARGO  	Message has 2+ inline png covering lots of area

# meta	 	DC_JPEG_UNO_LARGO 	( __JPEG_ATTACH_1 && __JPEG_AREA_180K )
# describe	DC_JPEG_UNO_LARGO  	Message hash single large inline jpeg

# meta	 	DC_JPEG_MULTI_LARGO 	( __JPEG_ATTACH_2P && __JPEG_AREA_180K )
# describe	DC_JPEG_MULTI_LARGO  	Message has 2+ inline jpeg covering lots of area

meta		DC_IMAGE_SPAM_TEXT		( __DC_IMG_TEXT_RATIO && ( DC_GIF_UNO_LARGO || DC_PNG_UNO_LARGO || __DC_GIF_MULTI_LARGO || __DC_PNG_MULTI_LARGO ))
describe	DC_IMAGE_SPAM_TEXT		Possible Image-only spam with little text

# meta the stock rules together for HTML_IMAGE_ONLY_* 
meta		__HTML_IMG_ONLY			( HTML_IMAGE_ONLY_04 || HTML_IMAGE_ONLY_08 || HTML_IMAGE_ONLY_12 || HTML_IMAGE_ONLY_16 || HTML_IMAGE_ONLY_20 || HTML_IMAGE_ONLY_24 || HTML_IMAGE_ONLY_28 )

meta		DC_IMAGE_SPAM_HTML		( ( __HTML_IMG_ONLY  || __DC_IMG_HTML_RATIO ) && ( DC_GIF_UNO_LARGO || DC_PNG_UNO_LARGO || __DC_GIF_MULTI_LARGO || __DC_PNG_MULTI_LARGO ))
describe	DC_IMAGE_SPAM_HTML		Possible Image-only spam

endif

${this.title}

Code Editor : 20_imageinfo.cf