https://bz.apache.org/SpamAssassin/show_bug.cgi?id=6784
John Hardin <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #5 from John Hardin <[email protected]> --- Add capture of URI from HTTP "refresh" meta - observed in phishing spam. Revision 1835588 Since the presence of a HTTP refresh isn't really usable by itself as a spam sign, hopefully exposing the refresh destination to URIBL checks and URI rules will be sufficient to catch bad actors. I'm trying to push publication of the __HTTP_REFRESH subrule so that it can be used in local rules. If that doesn't work: rawbody __HTTP_REFRESH /<meta\s[^>]{0,200}"refresh"/ism Closing as I think that's all we can do. -- You are receiving this mail because: You are the assignee for the bug.
