https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6676
--- Comment #5 from Darxus <[email protected]> 2011-10-18 18:32:37 UTC --- SPOOFED_URL_HOST had worse results than SPOOFED_URL. Ham that hit, in my corpus: 9 were google calendar marketing tracker urls. 6 were third party marketing trackers r20.rs6.net, links.mkt030.com, *.delivery.net. 5 were different hosts in the same domain, possibly all from one company. 2 were different domains owned by the same company (intuit.com / turbotax.com). 2 were emails I shouldn't have had in my corpus, that were off list replies on the subject of this rule. 1 was a bug in somebody's conversion from plain text to html in a reply. 1 I didn't manage to track down. So there are definitely opportunities for improvement. These three third party marketing trackers look pretty safe to grant exceptions to, because it's not immediately obvious how someone could use them as a redirector to an arbitrary url. And the google calendar thing could be handled with verification that it's coming from google calendar. A plugin could be written to use Mail::SpamAssassin::Util::RegistrarBoundaries::trim_domain() to only hit changes in domain name, and not changes in host name within the same domain. That would leave 2 hits with different domains owned by the same company, 2 conversion to html bugs, and 1 I couldn't figure out. All the ham hits: www.amazon.com -> amazon.com (same domain, different host) r20.rs6.net - marketing tracker email.capitalone.com -> turbotax.intuit.com/affiliate/capitalone35 - from capitalone about turbotax google calendar google calendar google calendar google calendar google calendar google calendar mailman htmlification bug + different host in same domain sprint.r.delivery.net - marketing tracker google calendar google calendar links.mkt030.com - marketing tracker Jockey broken htmlification google calendar Different host name in same domain Unknown problem with metalshapers yahoo group turbotax.com -> intuit.com (same company, 2 domains) different host, same domain different host, same domain different domain, same company different host, same domain r20.rs6.net - marketing tracker r20.rs6.net - marketing tracker r20.rs6.net - marketing tracker r20.rs6.net - marketing tracker Oops - off list reply on the subject of this rule, removed from corpora Oops - off list reply on the subject of this rule, removed from corpora -- Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.
