It only looks at the domain. For example, it will catch:
www.blah.com/<anything> anything.blah.com anything.anything.more.subdomains.blah.com/anything Keith > Hi, > I have a question on the new(ish) scanning that spamassassin does on > URI's. It seems to be working very well for us here, but I have a > question.. > > WIll it catch: > > http://www.blah.com/?jj38942 > > as well as > > http://www.blah.com/?34223 > > We are beginning to notice alot of e-mails (being marked right now) > coming through with what seems like random characters in them at the > end, and was wondering if a spammer could possibly use this technique > to avoid being detected? ie, just put random characters after the > trailing slash? >