On Fri, 27 Feb 2004, Alton Danks wrote:
> I'm seeing some SPAM that has odd href tags like the following:
>
> align="center"><a hrefShanghaishref=http://cowerers.com href=
>
> "http://www.nungim.com/?ai=7030 ">
[...]
> I've tried:
>
> rawbody CTS_HREF /\bhref[a-z]\b/i
Give /<a .{0,32}href[^=]/i a go. That's what I use here.
The general idea is to scan for the <A anchor and look for an
href that's followed by anything *other* than an equals sign
within zero to 32 characters. That should bag your spammer.
+------------------------------------------------+---------------------+
| Carl Richard Friend (UNIX Sysadmin) | West Boylston |
| Minicomputer Collector / Enthusiast | Massachusetts, USA |
| mailto:[EMAIL PROTECTED] +---------------------+
| http://users.rcn.com/crfriend/museum | ICBM: 42:22N 71:47W |
+------------------------------------------------+---------------------+
