I've been working on this one closely as well and believe the problem is definitely not solveable with a rule NOR is it even a legitimate test without more parameters (see below). For example, I receive a wide variety of news aggregation, press releases, etc. I'm seeing them use shortened URLs ala tinyurl that differ from the URL text / protocol. I believe they do this for tracking and HTML to text readability purposes.
In short, I don't believe this is a spam-esque trait though I am looking forward to getting my newest server doing more corpus tests with the nightly tests and spamassassin. However, just today or yesterday there was a new rule that did an eval test and some num of link proportions that I'm looking forward to seeing results from. It was an idea from Fred Tarasevicius. Regards, KAM > Saw this cross the SpamAssassin list today: > > <http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4255> > > Apparently a lot of legitimate mail has anchors with HTTP/HTTPS mismatch > between the URL in the anchor's href and the URL in the body of the anchor. > > I thought that instead of rejecting poor HTML, one could also use MD's > reassembly feature to wrap invalid HTML with the validation report, > including a warning at the top of any mismatches like this. PHB's would > still get their pretty HTML, with a nice ugly report up front telling them > how bad it is under the hood, and why it's hard to tell it from spam. _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
