http://bugzilla.spamassassin.org/show_bug.cgi?id=4255
------- Additional Comments From [EMAIL PROTECTED] 2005-04-11 16:40 ------- Subject: Re: Suggestion for new rule: Anti-phishing rule. On Mon, Apr 11, 2005 at 03:48:18PM -0700, [EMAIL PROTECTED] wrote: > I dont agree with the WORKSFORME closure, because this rule does something > quite > different from the one in 3.1. Well, it's actually not "quite different". It's almost exactly the same thing really. The only difference is that the current HTTPS_IP_MISMATCH looks specifically for a URI which goes to an IP and can be for http or https. The rule in question is indiscriminate but limited to http. Ok, so I did up an eval rule and did some tests... If I make it simply look for URIs which start "http:" which have anchor text starting with "https:": (based on the last 14 days) 0.080 0.0979 0.0000 1.000 1.00 0.01 T_HTTPS_URI_MISMATCH If I open it up to have anchor text with /\bhttps:/ instead: 0.123 0.1502 0.0000 1.000 1.00 0.01 T_HTTPS_URI_MISMATCH So I could have sworn that this was tested and rejected for S/O reasons, but either I'm on crack or there was something else which made it horrible at the time (I do have a few FPs in the corpus for legit newsletters back from earlier this year, FWIW...) Anyway, I apologize for premature ticket closure. We really ought to document the stuff we try so that in the future we can just look it up and see if this was tried before or not. <sigh> Anyway, committed my eval version, r160982. :) ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
