http://www.networkworld.com/community/blog/android-botnet-army-spouting-spam-yahoo-mail-app?source=NWWNLE_nlt_daily_pm_2012-07-05
The spam messages share two similarities, Zink, who discovered the botnet, explained in a blog post.
If you know the header contains an exact string on a single line:
HEADERS 1 PCRE (?m:^Message-ID:blahblahblah)
Set the score weight as you like.
If you want to do a case-insensitive search, change ?m: to ?im:
If the text inside the blahblahblah would match regexp reserved strings,
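
An added example (not part of the original post) that uses Python's `re` module as a stand-in for the filter's PCRE engine to show the line-anchored header match, the case-insensitive variant, and why literal header text needs escaping. The function names, the optional-whitespace allowance after the colon, and the sample headers are constructed for illustration.

```python
import re

# Constructed sample headers (not taken from any real message).
SAMPLE_HEADERS = (
    "Received: from mail.example.test by mx.example.test\n"
    "X-Message-ID: <decoy@web.example.test>\n"
    "Message-ID: <1341.55+a$b@web.example.test>\n"
    "Subject: hello\n"
)

LITERAL_ID = "<1341.55+a$b@web.example.test>"

# Literal text pasted into the pattern unescaped: '.', '+' and '$' keep
# their regex meaning, so this pattern no longer describes the real header.
NAIVE_PATTERN = "(?m:^Message-ID: " + LITERAL_ID + ")"


def build_header_pattern(header, literal, ignore_case=False):
    """Return a (?m:^Header:...) pattern that matches `literal` exactly.

    (?m:...) makes ^ match at the start of every header line, not only at
    the start of the whole header block; (?im:...) adds case-insensitivity.
    """
    flags = "im" if ignore_case else "m"
    # re.escape neutralises regex metacharacters in both parts.
    # The [ \t]* after the colon is a choice made for this example.
    return "(?%s:^%s:[ \\t]*%s)" % (flags, re.escape(header), re.escape(literal))


def header_matches(pattern, headers):
    """True when the pattern matches some line of the header block."""
    return re.search(pattern, headers) is not None


if __name__ == "__main__":
    safe = build_header_pattern("Message-ID", LITERAL_ID)
    print("escaped pattern:", safe)
    print("escaped matches:", header_matches(safe, SAMPLE_HEADERS))
    print("naive matches:  ", header_matches(NAIVE_PATTERN, SAMPLE_HEADERS))
    lower = build_header_pattern("message-id", LITERAL_ID, ignore_case=True)
    print("?im: matches:   ", header_matches(lower, SAMPLE_HEADERS))
```
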