https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6731
Kevin A. McGrail <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED CC| |[email protected] Resolution| |INVALID --- Comment #1 from Kevin A. McGrail <[email protected]> 2011-12-16 17:04:43 UTC --- You are correct you found a pattern. A quick test with something silly like this showed it. grep -i -e "\/[a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9]" /tmp/samples.txt | grep http | grep -v "img " However, I predicted and found that this pattern is not indicative of spam/ham. I found it used a LOT in newsletters and automated subscriptions. I quickly found 217 hits in my recent HAM corpora. I think we even use it a lot in code for things like "couldn't view this email? View it on the web at..." type notices using sha1 hex-encoded hashes. In short, good try but no dice. Regards, KAM -- Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.
