I am open to modifying my rules as needed. Send spamples via pastebin or see the instructions in KAM.cf.
On Mon, Apr 9, 2018, 21:40 Alex Regan <mysqlstud...@gmail.com> wrote: > Hi, > > What's the best way to add a URL shortener to the current list? Would I > have to rewrite __URL_SHORTENER? I also notice this subrule doesn't > account for the https version of the list. Is that intentional? > > More specifically, we've received some spam from back.ly. I could reject > it outright, but I'd like to create some meta rules that more generally > include any URL shortener. > > I'm using KAMs rules, and it appears he's creating his own subrule based > on URL shorteners, but it's not even as inclusive as the stock SA subrule. > > I'm also using DecodeShortURLs, and have added it to the url_shortener > list there, but it doesn't hit because the redirect is 404'd: > > dbg: DecodeShortURLs: URL is not redirect: http://back.ly/1MMCf = 403 > Forbidden > > This means the email would still be received, but will still be > considered malicious and preventable by the recipient. > > Ideas greatly appreciated. >