http://bugzilla.spamassassin.org/show_bug.cgi?id=4372
------- Additional Comments From [EMAIL PROTECTED] 2005-05-27 01:44 ------- Subject: Re: Spoofing rule Essentially this case has been discussed a number of times. I submitted a bug on it a while back. There are or have been some rules similar to this tested, and it turns out that they for the most part get very lousy hit ratios. Especially commercial newletters and the like tend to put hostnames and text that are both formatted as hostnames, but are quite different. Even checking for http: in the real link and https: in the display link gets a bad hit ratio. The only one that comes close to working is checking for http://\d in the actual link and https://[a-z] in the display link. Even it (as best I recall) has too low a hit ratio to make it into the standard rules. Now, all that said, SARE has several rules of this sort that work quite well at catching specifc phish attempts, and even some general attempts. But our limit on the S/O ratio we will accept is lower than the Dev's limit. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
