Hi, Can someone explain why spamassassin is allowing apparent google redirects? Cryptolocker :-( This one's blocked now.
<td align="left" style="font-family: 'merriweather sans', tahoma, arial, sans-serif; color: rgb(54, 54, 54); font-size: 14px;"><a href="https://www.google.com/url?q=http://www.mediafire.com/download/izdqjzml6dz68t3/1Z4566W50325036.ups.doc_.wsf08137322366IlRiZxJtpLvPq78WySF33Y&sa=D&usg=AFQjCNG6PWyLVrbpnrMhn12glB2txWOUgA" style="color: rgb(89, 143, 222); outline: 0px;" target="_blank">1Z4566W50378875...</a></td> # href="https://www.google.com/url?q=http://www.mediafire.com/download/izdqjzml6 rawbody GOOG_VIEW1 m;https?://www\.google\.com/url\?(q=http(s)?|sa=t\&\;url=http); describe GOOG_VIEW1 Using google url score GOOG_VIEW1 6.0 Ideas for improving the rule or making it more flexible would be appreciated. http://pastebin.com/MY7mZkjs