Brian Godette wrote:
Any particular reason why ccbill.com, a fairly common credit card processing site, would be listed other than as collateral damage? The two surbl hits plus UNIQ_ID nearly pushed this over the customer's trash level (/dev/null'd).ccbill does a very big lot of cerditcard transactions for almost every sex site on the planet I had up till this point never seen a link to their site from a reputable source, but a lot of these links from sites that offer young pornsters on your screen..
Content analysis details: (9.5 points, 6.0 required)
0.2 NO_REAL_NAME From: does not include a real name
0.4 HTML_40_50 BODY: Message is 40% to 50% HTML
0.1 HTML_FONT_FACE_ODD BODY: HTML font face is not a commonly used face
0.2 HTML_MESSAGE BODY: HTML included in message
0.0 BAYES_50 BODY: Bayesian spam probability is 50 to 56%
[score: 0.5215]
3.0 WS_URI_RBL URI's domain appears in sa-blacklist
[www.ccbill.com is blacklisted in URI RBL at]
[ws.surbl.org]
3.0 BE_URI_RBL URI's domain appears in BigEvil
[www.ccbill.com is blacklisted in URI RBL at]
[be.surbl.org]
2.7 SUBJ_HAS_UNIQ_ID Subject contains a unique ID
I think I even have them in the sare_redirect set, maybe I should remove them from there aswell. If possible could you send me the message (private) and I'll have a look. creditcard info etc can be removed.
btw I wouldn't really recommend scoring both WS_URI anf BE_URI so high, as they're likely to trigger as a pair.
Jesse SARE Ninja http://www.rulesemporium.com/
