On 12/17/2015 09:15 PM, John Hardin wrote:
On Thu, 17 Dec 2015, Alex wrote:
Hi,
Can someone explain why spamassassin is allowing apparent google
redirects? Cryptolocker :-( This one's blocked now.
<td align="left" style="font-family: 'merriweather sans', tahoma,
arial, sans-serif; color: rgb(54, 54, 54); font-size: 14px;"><a
href="https://www.google.com/url?q=http://www.mediafire.com/download/{snip}";
style="color: rgb(89, 143, 222);
outline: 0px;" target="_blank">1Z4566W50378875...</a></td>
#
href="https://www.google.com/url?q=http://www.mediafire.com/download/izdqjzml6
rawbody GOOG_VIEW1
m;https?://www\.google\.com/url\?(q=http(s)?|sa=t\&\;url=http);
describe GOOG_VIEW1 Using google url
score GOOG_VIEW1 6.0
Ideas for improving the rule or making it more flexible would be
appreciated.
There are google rules. I'll take a look at why this wasn't scored when
I get a chance later today or tomorrow.
there's a bunch of Henry Stern's google redirector_pattern rules but
they're all made for http only.
Adding and commiting s? now
