Ok so I'm confused on how to SA could catch this..
URIBL OR Razor isn't catching these because of how quickly they are going
out (sure a few days/hours later running SA against the email it will catch
it) but that isn't the point.
My question is how can SA check the previous mail relay from spe
>
> I think that a SA plugin which resolves URIs would be enough:
> I received
> some of these spams, everyone containing a URI pointing to
> the very same web
No direct plugin, but URIBL will catch most of these fairly quickly. Its not
a new tactic, but has recently picked up on the spam runs