On Thursday 19 June 2008 9:33 am, Yet Another Ninja wrote: > Guys, you're being hit with hacked web site URIs showing up in a heavy > spam flood. I see Uribl.com got most of them, but in case: > > rawbody GMD_R_DOT_HTML /\/r\.html$/ > describe GMD_R_DOT_HTML Possible hacked site with porntube redirect > score GMD_R_DOT_HTML 3.5 > > Note: making it an uri rule doesn't hit them all. > > enjoy
I'd like to enjoy, stuck the above in my local.cf, restarted SA, ran spamassassin --lint and got: [EMAIL PROTECTED] ~]$ spamassassin --lint [25034] warn: config: failed to parse line, skipping, in "/etc/mail/spamassassin/local.cf": score GMD_R_DOT_HTML 3.5 [25034] warn: config: warning: description exists for non-existent rule GMD_R_DOT_HTML [25034] warn: lint: 2 issues detected, please rerun with debug enabled for more information I know it can't be that hard to c/p a rule, though it seems I either messed something up or SA didn't like the rule. -- Chris KeyID 0xE372A7DA98E6705C
pgp2gZfCUVttl.pgp
Description: PGP signature
