• Home
• Rules
• Tools
• Documentation
• Links
• Forum

• SARE Tools

• BASE64
• SURBL+ Checker
• Regex Expander

SARE Tools

BASE64
Description:	This page will generate a rule to catch base64 encoding of your domain in the headers of e-mail.
Created by:	Fred Tarasevicius (Original Author) & Chris Thielen (Converted to PHP)
License Type:	Artistic/GPL dual
Status:	Active *
Last update:	2004-04-20
Note:	This script generates a default score of 3.0, please adjust this for your site's needs.

BASE64 (enhanced)
Description:	This page will generate a rule to catch base64 encoding of your domain(s) in the headers of e-mail.
Created by:	Fred Tarasevicius (Original Author) & Dallas Engelken (Converted to Perl)
Version:	v0.1
License Type:	Artistic/GPL dual
Status:	Active *
Last update:	2004-04-21
Note:	This script generates a default score of 3.0, please adjust this for your site's needs. This script has multi-domain support so you can generate a ruleset for many domains all at once, and give them each their own custom score. The rulename will be built based upon the domain name (ie BASE64_RULESEMPORIUM_COM)

SURBL+ Checker
Description:	This script will check your domain(s) or ip(s) against URIBL.com, SURLB.org, and other IP Blacklists. URI Submission Support to WS.SURBL.ORG and *.URIBL.COM is supported. A URIBL.com account is required to submit to black and grey, as they do not take anonymous submissions!
Created by:	Dallas Engelken
Version:	v1.0
License Type:	None
Status:	Active *
Last update:	2004-09-08
Note:	Custom input support to check multiple domains or ips all at once. Now Accepting Submission Reports for WS! CHANGELOG: v1.0 attach a spample option when reporting assign a spam rating when reporting v0.9 added domain registration date information if available added full whois lookup option added a record resolving of domain name to do quick RBL lookups on the IP address v0.8 fixed TLD walking when a dash was present in the domain name, causing it to query incorrect domains. v0.7 added OB, AB, and MULTI lists. Removed BE. v0.6 up to 4 part queries allowed, a.b.c.d.e will query for d.e, c.d.e, and b.c.d.e to save you from having to condense your hostnames down to see if anything above it is blocked.

Regex Expander
Description:	Expands regular expressions in SA rules to show all the various strings that will match a particular rule.
Created by:	Dallas Engelken (expand code by Gary Funck)
Version:	v0.4
License Type:	Artistic/GPL dual
Status:	Active *
Last update:	2004-07-20
Note:	CHANGELOG: v0.4 fixed @ sign escaping issue \@ - hopefully it doesnt break anything else :) v0.3 fixed pipe expansion issue (ie [il|] expands to i, l, and | now). fixed ? expansion issue when it is a 'repetition operator' following a alphanumeric char v0.2 added decode limitations to prevent large regex expansion v0.1 handles multiple rules with a single submit can combine results to produce a single output can sort output in several different ways can sort the combined results in the same fashion has a 15 second limiter between queries from the same ip has a time limit opt-out list for 'ninjas' writes output files and provide url for results over 500 lines long smart enough to know when to kill bad regexes that create 'many' results

Note to spammers: By making a one stop place for custom rules. We have no doubts you are reading this. While you will try to get around these rules, we assure you new ones are written everyday. You will not succeed against those determined to stop you. Try as you may, your efforts will be in vain. You can't stop the SARE Ninjas!